Thursday, 27 June 2013

Mobile Phones and Virus Issues

Antivirus programs are quite familiar to us on our desktops. As mobile operating systems have grown in
popularity, desktop type security concerns have followed. So trained are users that when Android antivirus apps began appearing, users saw them as a must-have. Given that there have been various bit of news about Android malware; users can’t really be blamed for making assumptions.
The trouble with apps is that they all run in the same sandboxed Java environment, which  includes the AV apps as well.  Most AV apps lack the ability to gain low-level system access on mobile that desktop antivirus would. This currently means that the best way to avoid malware is to understand how Android apps work.

When an app is installed, the system will always display permissions requested. See here  for an example. You can also find these permissions in the android settings for installed apps. These permissions are shown on a tab in Google Play) Some antivirus apps such as Zoner can display a list of apps and the number of permissions granted.
If a simple app asks for permission to send and receive SMS messages; that should be checked out by the user. Recent malware has been designed in such a way that by gaining rights to the phone, it can send text messages to premium rate numbers and also allow other attackers to carry out fraudulent activities. PC World reports that when first executed, Obad.a prompts users for device administrator privilege. Applications that gain this privilege can no longer be uninstalled through the regular apps menu until they are removed from the administrators list on the infected device. Indeed security researchers at Kaspersky’s lab have come across a Trojan virus, which is so strong that it might be almost impossible to remove.

The same problem exists for apps that allow phone calling permissions, potentially allowing them to call premium rate numbers without the user’s knowledge.

Another permission to check for is access to the contact list, and Google accounts. If you believe that the App should not be accessing this data, there is a chance that it is malware designed to collect user data for spamming or phishing. You might expect to see this permission is in apps that autocomplete contact names, or handle messaging actions.

The location permission could be used it for location-aware ads (might be useful), but a more questionable app could pick up a user’s location, and store it over time to sell that to advertisers.

The best way to stay safe on Android is to just stick to established apps from the likes of the official Android Market or the Amazon Appstore. While bad apps do occasionally show up in the Market, Google removes them swiftly and can also remotely kill the apps on phones.

There has been good evidence that a lot of free Android antivirus apps just don’t work, and could even cause people to believe they are protected when they are not. This might mean people taking take more risks with downloading dodgy software. There is a useful review here

Perhaps even worse is the latest scam imported from the PC platform, a form of which was recently identified by Symantec. Android Fakedefender locks people out of using other applications and can also change the settings of the OS, making it tricky for people to uninstall the malware.

Juniper networks says that the Mobile Threats Report, conducted by the Juniper Networks Mobile Threat Center, is one of the largest first-hand quantitative research studies of its kind. The report is based on analysis of more than 1.85 million mobile applications and vulnerabilities, up more than 133 percent from the last report released in February 2012.
Juniper says it's clear that cybercriminals are now rather than trying to crack into every system, are going after the most popular: Android which dominates nearly 60 percent of the smartphone market share. (Apple has slightly more than 19 percent and Microsoft has 18 percent.)

An interesting feature of Zoner mentioned above is the theft protection, which if enabled allows you to remotely control and locate your device via SMS messages. If you have lost it somewhere you can get a location or sound an alarm for people to notice it. (useful if you have left it on silent) If it has been stolen you will be notified when SIM is changed. It might also be used by your partner or others to track your location... 

No comments:

Post a comment