Norton UK Blog
We are our own worst enemies when it comes to mobile malware
While many of us safeguard our desktops and laptops from a cavalcade of online threats, we’re much more lax about our phones. We download apps without a second thought or log into our bank accounts on public networks where just about anyone could be watching.
Our mobiles are private, we think, with passcodes and passwords and lock-screens to hide away our photos, our contacts, and that one dating app you downloaded one time to ‘try’ it. (It’s still there six months later.)
But our phones are threats in our pockets and we’re often our own worst enemies.
The stats don’t lie
In their annual Internet Security Threat Report, Symantec found that a staggering 17% of all Android apps (nearly one million in total) were malware in disguise. Think of how many apps you have on your phone. There’s a chance that one in five of them is malicious software.
More worryingly, up to three in ten Android devices will run into malware. Users have downloaded more than two BILLION data-stealing Android apps.
And it doesn’t end there. Security firm Proofpoint found 12,000 malicious apps among Android apps, programmed with code to steal data and create backdoors for an endless cycle of malware. And it’s not just on personal phones. On an enterprise level, iOS has played victim to malicious apps. 40% of an undisclosed number of enterprises using Proofpoint’s security system had Apple devices running dodgy apps.
In a Nokia malware report, the stats are just as damning. Interestingly, a decrease in adware activity saw infection rates fall on Windows-based PCs connected via the mobile network.
However, smartphone infection rates increased and now account for 60% of infections on the mobile network. Android is the big culprit and is responsible for a serious chunk of the infections, while iPhone malware represents 6% of total infections.
The most damning finding of Nokia’s report is that mobile malware is becoming more sophisticated and may even survive a last-ditch factory reset of your precious phone. Mobile malware is now that bad smell that won’t go away – and the worst thing about it is that a lot of the time, we’re at least partly responsible.
The rise of ‘hide and seek’
When you were a kid, hide and seek may have been a game you played with your friends. One person was the designated hider. They covered their eyes and counted down from one hundred while their friends ran and hid. It was the best of times and the worst of times, depending on whether you were hiding or seeking.
But hackers have hijacked the game. Malware is hiding in plain sight in app stores and online – and inadvertently, users are seeking it out. Sure, it’s a mistake, but these apps are triggered by people actively downloading them and the malware attached.
Symantec found that up to 70% of social scams are shared manually. Dodgy apps are the same in that we’re actively looking them up and hitting ‘install’. We’re clicking on ads in games or apps – often accidentally – and triggering a drive-by download. We’re downloading files or accessing sites with dodgy content and no antivirus protection.
It’s akin to parking your car out the front of your house and leaving it unlocked. In some cases, we’re going so far as to put the keys right in the ignition.
In early March 2016, Android devices came under attack from a form of malware called ‘accessibility clickjacking’. The what?
Clickjacking is a sneaky tactic of tricking unwitting victims into clicking on an element of a site that might not actually appear on the screen. Yeah, that sounds baffling, but the basic principle is that a hacker will overlay something on the display and a user might click or access it and open up their phones to the hacker.
The hacker can then access your private info, data, work emails, or anything else – a particular threat on work phones that might house important client information or confidential work emails. And it isn’t just an Android problem, as iOS has shown an uptick in mobile malware too.
But just why is Android so susceptible?
In much the same way that Windows is more susceptible than Apple, Android has a far larger userbase than iOS – which puts a big target on its metaphorical forehead. However, it’s not just a matter of popularity.
Much of Android’s platform is built on open-source technologies. Google actually offers the full Android source code to anyone – which leaves it wide open to hackers to investigate it, find vulnerabilities, and pick it open. However, the blame doesn’t just lie on its open-source roots.
A big problem is Google’s app ecosystem. Apple, RIM (Blackberry) and Microsoft (Windows Phone) keep tabs on the apps in their stores. Google Play works almost on the level of a free-for-all: pretty much anyone can upload and distribute an app in the Play store. Naturally, hackers and script kiddies have taken advantage of this open platform and uploaded games and apps riddled with malware and intrusive advertising.
That said, the blame doesn’t entirely lie with Google either. If a security issue pops up on Android, Google develop a fix. Often, users don’t update their phones. Many users will push off updates for as long as possible. In 2010, DroidDream attacked the Play store. Google quickly released a patch but users didn’t update to it so the malware kept exploiting the flaw.
While recent updates to the Android OS have made for a far more robust and secure system, hackers are still getting through – and in increasingly smart ways.
Take adware for example. Previously the ‘annoying little brother’ of the malware family, adware often didn’t do much damage beyond being a nuisance that spammed ads on your phone. Occasionally, clicking an ad banner led to downloading fake software or malware.
However, adware has stepped its game up. Hackers have started adding malware elements to games and ads to trigger downloads and even gain access to the root of a device. If a hacker gets into the root, you’re in big trouble as they can get up to all kinds of mischief with your phone.
According to a report from Lookout, ‘auto-rooting’ apps are on the rise and are being packaged as legitimate apps. Repackaged apps (created and built by hackers) were found in the iOS and Android app stores and included widely popular apps like Candy Crush Saga, Facebook, WhatsApp and more.
Mobile malware is a huge threat to the average Joe, and while much of it comes from accidental clicks, visiting adult or suspect sites, or downloading bad apps, there are steps you can take to keep your phone safe.
How to protect your phone from mobile malware
There’s no two ways about it: mobile malware is on a rising tide that may soon give way to a tsunami. But that doesn’t mean you need to be a sitting duck or an accidental participant. There are several steps you can take to prevent mobile malware.
1. Treat your phone like your computer
You don’t download anything and everything to your computer, so why treat your smartphone like that? After all, a smartphone is the perfect combo of a phone and computer. Password-protect your device, be smart about what you download, and don’t click on random ads or links.
2. Install antivirus protection
Antivirus for your phone…? Yes, it exists and the stats show it’s quickly becoming a necessity as malware is getting smarter and more predominant. Norton Mobile Security comes with brilliant features like:
- Scanning apps for malware, privacy and other risks.
- Protecting against unsafe websites.
- Blocking unwanted calls and texts.
- Wiping your lost and stolen phone.
- Remotely locking your missing or lost device.
- Setting off an alarm so you can find your phone if it’s lost.
3. Be smart about the apps you use
As we said above, hackers are getting increasingly smart, even going so far as to rebuild and repackage apps so they look just like the real thing.
Only download apps from trusted app stores. Before you download a new app, check the reviews and read up on the reputation of the app and its publishers. Some hackers masquerading as real developers will go so far as to write fake reviews praising their fake app – so make sure to do your research and to check online on social media, news sites, and forums.
4. Be careful about using open networks
You could check your bank account on an open Wi-Fi network (a café, for example) and everything could be completely fine. It could also go terribly wrong and a hacker might steal your details and wipe your account clean.
Never access important or sensitive data on an open or public network.
5. Update your OS
Apple tells you when your iOS needs to be updated. Google isn’t quite so loud about it. If you’re not sure about your OS and how to update it, search your phone manufacturer and ‘OS update’.
6. Encrypt your device
If you’re very worried about your device or any of the information on there, encrypting your device should ease some of your concern. Start with a strong password and then check this article on iTunes to encrypt your iPhone or pop over to Greenbot to learn about encrypting an Android phone.