Bad news, phandroids. Android malware is on the rise.
According to Symantec’s latest Internet Security Threat Report, “17 percent of all Android apps (nearly one million total) were actually malware in disguise.” In 2013, Symantec uncovered roughly 700,000 virus-laden apps.
More than one third of all apps were what Symantec calls “grayware” or “madware” — mobile software whose primary purpose is to bombard you with ads. The company also discovered the first example of mobile crypto-ransomware – software that encrypts your data and holds it hostage until you pay ransom for it – for Android devices.
How to stay safe
The good news is that it’s pretty easy to avoid infection if you obtain your apps from a trusted source, like the Google Play Store. The company doesn’t break out how many of the 1 million+ malware apps were found in the Play Store, but Symantec’s Director of Security Response Kevin Haley admits the number is probably quite low.
“Google does a good job of keeping malware out of the Store,” Haley says. “And if a malicious app does make it in there, they do a good job of finding it and getting rid of it.”
On the other hand, if you visit alternate Android app markets, download apps from app maker’s Websites, get them via email links, or find them on Bit Torrent sites, you run a much greater risk of infecting your phone, he adds.
Other App Stores
Symantec used its Norton Mobile Insight software to crawl more than 200 Android app stores, downloading and analyzing more than 50,000 apps and app updates each day in 2014.
Most of the malware found by Symantec tries to steal personal data like phone numbers and contact lists, which are then sold on the Internet’s black market, says Haley. Some may cause your phone to send text messages to premium SMS services, automatically adding charges to your monthly bill. Other apps may pelt you with ads that pop up randomly over other applications. Some apps even change your default ringtone to an advertisement, Haley says.
The Android malware problem is greater overseas, especially in regions where users can’t access Google Play and must rely on third-party app marketplaces.
Mobango is one of hundreds of alternate Android app marketplaces in the wild. Be careful out there. (Mobango.com)
If you see unusual charges on your bill for premium texting services or ads start popping up where you don’t expect them, those are good signs you’ve got an infection, he adds. Your best recourse is to use a mobile security app to scan and protect your phone.
As for iOS? Symantec found a grand total of 3 malware apps in 2014. All of them required the iPhone to be jailbroken before it could be infected. In 2013 it found zero.
“One of the benefits of Android versus iOS is that it gives you a lot more freedom as to where you can download apps,” Haley says. “But that freedom comes with a cost.”