Home Security Mobile Five Different Types of Malware that Can Be Found on Android

Five Different Types of Malware that Can Be Found on Android

android malware

Malware is software that is intentionally embedded with worms, spyware, adware, viruses, Trojans, and other malicious things. Money is the reason for almost all malware. Just read ‘Exposing the Money Behind the Malware’ by Sophos.

­The performance of your computer or other devices could be suffering, you could be having your personal information stolen at this moment, or there could be intruders getting into your accounts. These are only two of the many consequences that can happen if you have or are using devices that contain Malware.

Installation of apps without your consent

Some people have been opening links inside their apps without ever going to their browser app. Have you ever done this? This is done with a component called Webview. If you happen to be running Android 4.3 ‘Jellybean’ or lower, there is something you need to know about.

Apparently, there is a vulnerability that allows users to click on malicious links as they’re browsing in Webview. The vulnerability is referred to as the Universal Cross-Site Scripting (UXSS) attack. It is letting users click on malicious links where the attackers are able to execute malicious codes using JavaScript.

They are somehow able to get around the security that’s there to protect the users. Once the attackers get this far, they can use the vulnerability and install any app they want onto your device. It has been said that Google does not plan on patching the vulnerability found in Android 4.3 and lower.

So, if you are interested in not being a target for these attackers, you should upgrade and get the latest version of Android. This should be done as soon as possible. Alternatively, you could simply choose not to use the Webview to browse, and instead you can open your links in secure browsers, such as Dolphin, Firefox, and Chrome among many others.

Filtering services for spam

Although Svpeng did check on whether or not a banking app had been installed, the information on that seems to have vanished. However, Svpeng’s twenty-five year old creator was arrested by the Russian police in early April for apparently stealing more than fifty-million rubles ($930,000) and infecting more than 350,000 devices of powered by Android OS.

Your device is held for ransom by ransomware

Ransomware Android Phone

There is malware that will actually hold your computer or other device for ransom. The hackers or attackers keep your device on lockdown, making so you unable to use it until they get what they want. This is what took Android by surprise back in 2014.

The cyber-criminal gang created this ransomware originally in order to target the Russians. Svpeng also came up with an online credit card theft scheme that happens when you make purchases on an unsecured site.

Here’s how it works. They have the software fixed in such a way that there will be a screen popping up for you to input your personal data (credit card and bank information).

They designed to appear as the FBI to the US and the UK. It will lock down your computer or whatever device you are using, saying that it shows illegal conduct of child pornography or that it is infected. Leaving the user to pay a fine if they want to get their computer or other device unlocked.

Is the phone really off?

Now, there is Malware referred to as Android/PowerOffHijack, which takes over your device. It does this when you are shutting it down, letting you think your device shut down when it’s actually being hijacked without you knowing. At this point, it is able to do things like taking pictures, making phone calls, and whatever else the hijackers want to, since no one is aware that anything wrong is going on.

This is different from the first malware (ransomware) discussed earlier in this article. Android/PowerOffHijack only affects Android 5.0 and above, requiring root access to enable it to work.

The total number of devices that have been infected, as of February 18, was approximately 10,000. However, unless you are in the habit of shopping in Chinese app stores, you shouldn’t worry about this kind of threats.

Malware can be a doormat inside innocent apps

It was discovered back in February that some of Android apps appear to have a code that, when clicked on, triggers pop-ups and will take the user to illegitimate web pages. Among such apps are a solitaire game named Durak, which has been downloaded between five and ten million times; a history app  and an IQ test with over five million downloads each. These apps have been known to start up unwanted app installations, running processes not permitted by law.

Filip Chytry from Avast Antivirus has information that could warn about having this type of malware: when your device is unlocked and an ad pops up, warning you of a problem such as your device being infected, outdated, or having porn in it, don’t panic; it’s most probably not true.

Just so you know, these apps are no longer available in the Google Play store since Google has suspended them. Simply do not download them from any other source, and you will have nothing to worry about.

Sex-tortion through malware

Falsifying profiles of attractive women and using them to lure people to cyberspace is what cyber-criminals from South Korea are doing. Once they get people there, they blackmail them by threatening to release a video of them on YouTube.

This is where you will encounter malware. Perpetrators begin stating they’re having issues with the audio through the software such as Skype, and try to coax people into downloading an app of their choosing, such as a chat app. If the victim falls for it, it steals their contacts in order to send them to the blackmailer. Criminals who do this generally have the plan to extort currency from the victim by threatening to show a video to friends and family if they don’t get the money.

A vulnerability referred to as Android Installer Hijacking

The new vulnerability referred to as Android Installer Hijacking puts almost 50% of Android devices at risk. How it works: each time you download a legitimate app, the installer gets hijacked. Then, the installer allows an app different from the one you downloaded to be installed. It all takes place in the background, as you are waiting for the downloaded app to install.

All devices with Android higher than version 4.4 do not have to worry, they are safe. Third-party app stores such as the Amazon App Store are affected by this vulnerability. This vulnerability was discovered by Palo Alto Networks, and according to them, installing apps from the Google Play store would be the best way to avoid downloading malware.

Malware is a big deal

ransomware for android

A study conducted by Alcatel-Lucent reveals that malware hit 16 million devices in the year of 2014. In the malware report of the Motive-Security-Labs, it is shown that in 2014 (including all mobile device platforms), when it came to malware attacks, Android devices have been infected as much as the windows laptops, by the ratio of 50/50.

There are over 10 million mobile devices used on the Verizon network, and only 0.03% of smartphones per week received a high grade malicious code and got infected.

‘Mobile malware is hardly a problem’, is written in the Verizon’s 2015 Data Breach Investigations Report, in the section titled, ‘I Got 99 Problems and Mobile Malware Isn’t Even 1% of Them’.

Most of the Android malware is considered by Verizon to be merely annoyance-ware, along with other types which only prey on resources, wasting time, and not causing a lot of harm. It feels like they’re saying we shouldn’t worry about malware on our mobile devices.

Mobile devices are not to be ignored, they are just as vulnerable as anything else. Simply said, we should focus on the threats being used, and prioritize. Focus on how they are breaking into our systems right now.

Always stay alert to the risks that prevail, and stay safe. Maybe malware is only a little issue today, but according to the research by a mobile security firm, mobile malware is beginning to have a higher and higher rate. Look at ransomware, for example.

Stay safe

According to F-Secure, 97% of mobile malware is on Android. If this were true it would certainly make Android device’s security questionable. However, it is not likely that malware will be an issue as long as the apps are obtained through the Google Play store. The majority of the malware is found in unofficial app stores, and that’s what the number refers to.

The only time anyone should side-load apps is when they know that the developer is trustworthy or that it is an official app, and its host is trustworthy. Like with Mozilla’s Firefox OS.

Scanning and removal of malware

There is a tool released by Malwarebytes for scanning and removing malware on Android devices. Check out our comprehensive review here.

Malware problems

It is certainly true that there are threats out there that are far more dangerous and more likely to affect us, but we should not let our guard down at any time.

Here are some things to help with keeping your guard up:

  • Know what the signs of an Android malware infection are.
  • Stay informed by checking your device with 360 Security.
  • Never download anything unless the source is completely trustworthy.