Five tips for avoiding viruses and malware on your Android

Apps Danger

Keeping infected apps off your Android requires common sense more than anything

Android Central University — SecurityIt’s not exactly a secret that Android’s pretty open, and that it’s possible for bad people to do bad things with apps. That’s possible with any computer system, of course. And like any other computer system, Android has checks and balances that help keep you safe. Most of them are done without you having to lift a finger. There are gates that have to be opened for malware to get through, and chances are the bad guys are hoping you’ll hand them the key in the first place.

There are basic steps you can take to help make sure that doesn’t happen.

We’ll walk you through five easy ways for keeping virus- and malware-laden apps off of your Android.

1. If you don’t know what it is, don’t install it

This app is totally safe

Treat your apps like you treat your food. Well, like you should treat your food. If you don’t know what it is or where it came from, you might want to think twice about installing it.

It’s not all that unusual to get e-mail with links to an app — but we’d advise against blindly installing full apk files (that’s the file type for Android applications) you receive in email, or maybe are linked to in spammy text messages. Or even that you find in various forums around the Internet. You simply have no way of knowing what’s in there without some serious hackery.

2. Only install from Google Play or other reputable app stores

App stores

Where would you rather buy your meat? From a tent on the side of the road? Or from the refrigerated case at the well-known grocery store? You’ve got a far smaller chance at getting food poisoning at one of those places.

Where else do we recommend? The Amazon Appstore, for one. There’s a good bit of duplication between it and Google Play, but you should also be able to download in safety and comfort. Well, in safety, anyway. And Amazon’s always running deals on apps.

What would we avoid? Random download locations on the Internet. App stores that seem too good to be true. Anything that promises scores of paid apps for free (and not in a “deal of the day” sort of situation, ya know?).

3. Protect ya neck: Uncheck “Install from unknown sources”

Unknown sources

So, yes. There’s some scary stuff out there. The good news is that, by default, there’s a pretty simple mechanism in place that keeps you protected.

By default, every Android phone that has access to Google Play ships with a lock that keeps applications from outside Google’s store from installing themselves. It’s a safety feature, is all, and not about stifling competition. With that lock in place, you’ll get a warning should an application try to install itself from outside Google Play — whether you initiated it, or not.

Should you need to, disabling that lock is just a matter of ticking the “Unknown sources” box in your security settings. And you’ll need to do it if you want to, say, install the Amazon Appstore.

See Full Story on androidcentral.com

Android Antivirus: 6 truths about smartphone malware

Android is a hot bed for malicious malware. This malware is so dangerous that it can destroy your phone, and even your life if you’re not careful. The worst part is it’s already happening to you right now! There is no place to hide! It’s everywhere! At least that’s what some people want you to believe. Android malware has been a hot topic for several years.

With just a quick search for “malware” on this site you can find many stories about this topic. There are reports from security companies about Android malware being on the rise,infographics for fighting malware, reports of Google patching holes, and much more. It’s time to set things straight once and for all. This is the truth about Android malware.

1. It exists

virus

If you are using something that has access to the internet you are susceptible to malware. Windows, Mac, iPhone, and even Blackberry devices are susceptible to malware. Being able to access the internet makes any device a target for malware. Android is no exception. In the past few years there have been cases where Android devices were infected by malware. The most public cases were from Microsoft’s #DroidRage campaign. They held a device giveaway for anyone that was infected with Android malware.

Still, those are extreme (and maybe fake) cases. Despite what you may have heard Android is actually one of the less susceptible platforms out there. It is estimated that less than 0.001% of app installations are able to evade Google’s security measures. Even though the malware exists it’s not a serious concern for most Android users.

2. Google has security

There are some people who think Android is like the Wild West. They think the sheriff, Google, is out-of-town and everyone is free to do as they please. This is obviously not true. Google has advanced security tools with many layers of protection. The 0.001% of apps that do make it pass Google’s security have to make it through all the levels in the chart below.

image-1-mlod1

That’s 7 layers of security. If the user doesn’t have unknown sources enabled, like most average users don’t, the app won’t even make it past the second level. Android is not the wild west, but it’s not Apple’s walled garden either. Google will let anyone upload an app to the Play Store, but that doesn’t mean they will let it infect your device. They have your back.

See Full Story on phandroid.com

How to avoid the pileup malware exploit on Android

Pileup on Android

Those who can create malware, will create malware — no matter how sneaky they have to be to do so. The latest craze is called pileup malware. The gist of this is a seemingly innocent and harmless piece of software is installed on your device (even with the stamp of approval from your malware scanner). The initial install requires little to no permissions, so it looks perfectly safe. The problem comes when it’s time to update that software. Without needing your approval, the software will upgrade its own permissions, giving it much more access than it originally had — there’s the pileup (and the rub). You now have an official piece of harmful malware on your machine.

This whole process was discovered by researchers at Indiana University. The same team that discovered the pileup process developed an app (called Secure Update Scanner ) that will scan your device for apps that can exploit the pileup flaw. Effectively, the app is run before you update your device to check if there are any pileup exploiting apps present. This is a very important piece of software and should be installed on every one of your Android devices.

Here’s how you install and use this app.

See Full Story on www.techrepublic.com

New malware tries to infect Android devices via USB cable

USBcable

Gone are the days when only downloading from Google Play was enough to stay safe. Anti-virus and security company Symantec has released details of a new piece of Windows malware that tries to infect Android devices when they are plugged into a compromised PC.

The new malware, called Trojan.Droidpak, installs itself as a system service on a Windows PC and then downloads a malicious banking .apk file. It will also probably download the Android debugging tool ADB. Once ADB is installed the malware will wait for an Android device to be connected and then install the banking trojan via sideloading. The good news is that USB debugging needs to be enabled in the Android device for this to work.

The malicious Android app is a variant of Android.Fakebank.B and installs itself as a clone of the Google Play Store. It will then look for certain Korean online banking apps and prompt the user to delete them and install malicious versions from the fake Play Store. The malicious app can also intercept SMS messages and forward them on to a server that is undoubtedly used to help bypass the SMS authentication systems used by the banks.

Although the currently active versions of this malware target Korean banks, the same setup could be used to sideload a huge variety of malware that target banks all around the world, or sideload other types of malware like premium rate SMS apps.

See Full Story on www.androidauthority.com

Watch out for malware on Android

Do you need to run antivirus software on a smartphone? If you have a phone running Google Inc.’s Android operating system, it’s a good idea. In the smartphone world, malware is largely an Android problem, say security experts.
That’s not to say that Apple Inc.’s iOS and Microsoft Corp.’s Windows Phone operating system are invulnerable. But Android presents a bigger and, in some ways, easier-to-crack target, according to the experts.

By Troy Wolverton***See Full Story on www.buffalonews.com

Five tips that will help keep you safe in mobile online space

Here are five tips that will help keep you safe in mobile online space and empower you to do more on your mobile gizmos, with greater peace of mind.

1. Know where danger lurks 
“Malware” or malicious software and viruses have moved to the web—but do you know where you’re most likely to pick up an infection?

Yes, pornography sites are the most hazardous, according to recent research by Blue Coat Security Labs. But in fact mobile users are only visiting porn sites less than one percent of the time. The places mobile users frequently visit that have high risk include:

  • Computers/Technology: When you browse computer/technology-related sites you’re at high risk. An example: one of the first offers of an Android version of Skype was actually malware.
  • Web advertisements: Cybercriminals have been refining “malvertising” for mobile. Recently, for example, an ad for an Angry Birds download was a malicious app that actually made premium SMS calls and then billed people without their knowledge.
  • Entertainment sites: Games and gambling sites are popular destinations for mobile users — and equally popular for purveyors of malware, “phishing” exploits, and phony downloads such as PDFs or browser updates.
  • Search engines: As search engines become more widely used in the mobile online space, search engine poisoning (SEP) tactics are becoming increasingly more prevalent.

See Full story on memeburn.com

How To Protect Yourself From Mobile Attacks

Android is by far the most popular operating system for mobile devices such as smartphones or tablet PCs. But that status also means opportunities for cyber criminals: in 2012 alone, the amount of malware specifically targeting Android users jumped from 17,000 to more than 214,000 samples each month. And malware is no longer being smuggled into the system via app downloads only; mobile e-mail use also offers an easy target. One particularly popular trend is to send links via hacked e-mail accounts leading to seemingly secure mobile Web sites. These sites, though, automatically forward users to subpages that use invisible iframes to scan the precise version of the operating system being used, introduce updates, and enable long-term access to sensitive user data (these are so called multifunction Trojans). The Eleven Research Team offers its six most basic tips for protecting users from such attacks.

See Full Story on darkreading.com

Study: 32.8 Million Android Phones Infected with Malware

Do you have an anti-virus app on your Android phone yet? If not, a new study conducted by security firm NQ Mobile suggests you’re playing with fire: The number of malware threats to your Android phone has increased 163% over the past year alone.

The study, which looked at over 5.3 million apps available in 406 different online stores, identified 65,227 different pieces of potentially dangerous malware last year. A quick look at the trend suggests that malware is growing at an exponential rate – there were only 1,649 such malware discoveries in 2009.

nq-malware-chart-400px

In total, 32.8 million Android phones were infected with malware in 2012 – more than triple the number of the year before. The majority of these infections involve spyware or adware, while about a quarter are designed to steal and profit off of your personal data. A smaller minority is designed to make your phone permanently unusable, something we’d all no doubt like to avoid.

Earlier this year, NQ discovered a new type of Android threat: Malware that can spread from your phone to your computer via a USB cord. That particular attack only affected a small handful of Android users. Still, security experts warn that hackers will continue to find these new and inventive ways to steal data, even from the most cautious among us.

Android malware is a rapidly increasing threat, but there are some simple measures you can take to buff up your phone’s security. Be sure to look at theTechlicious guide to mobile security, where we break down some of your best (free!) choices for smartphone anti-virus protection.

Study: 32.8 Million Android Phones Infected with Malware [via techland.time.com]