Android Articles

5 Essential Steps Protect It From MalwareAndroid Phone Security Issues

Protecting Android OS from Malware

Until the arrival of the trojan known as DroidDream, people doubted whether mobile malware could pose any real threat for users of Android phones. As expected, it generated quite a scare. After all, the mobile virus was the most complicated and refined Android malware ever detected. It also claimed the distinction of being the first mobile virus to come out on Google’s App Market, beating all other malware for the notoriety. A nightmare for users, the trojan found a way to “root” any phone it was installed on, which yielded total control of the unit to the developers.

It is understandable that as an Android user, you may be concerned about your phone’s security; however, there is really no reason to be alarmed. Practically all virus threats to mobile phones need some kind of willful action from the user to get in and be able to do harm. Malware cannot just penetrate your phone and install itself. It can, however, disguise itself as a legitimate application to lure you into installing it or it can sneak in when you install an application it associated itself with. This was proven by the DroidDream incident.

It is understandable that as an Android user, you may be concerned about your phone’s security; however, there is really no reason to be alarmed. Practically all virus threats to mobile phones need some kind of willful action from the user to get in and be able to do harm. Malware cannot just penetrate your phone and install itself. It can, however, disguise itself as a legitimate application to lure you into installing it or it can sneak in when you install an application it associated itself with. This was proven by the DroidDream incident.

According to John Hering, CEO of Lookout, a software company that focuses solely on mobile device security, “The frequency and sophistication (of malware) has substantially been increasing. It started off as merely being more of information theft. This was actually (a case of) root exploit. Once it (DroidDream) hacked the phone, it subsequently dropped a command-and-control infrastructure. And it gains complete control, just waiting to be told what to do.”

The scare led Google to eventually delete the offensive applications from users’ phones and patches were provided to avoid further exposure to the virus. In the first place, DroidDream would not have spread had overzealous users observed some simple anti-malware procedures. Following are some useful tips and information that Android users need to know to protect their phones from software threats.

5 Easy Steps To Protect Your Android Phone

1. Download applications only from trusted sources

This is a generally accepted virus protection rule applicable across all platforms. In the case of DroidDream, legitimate apps were pirated by unscrupulous developers who re-posted them with the trojan on the Android market under slightly different names.

When you look closely at the screencaps of the bogus apps, you will notice that they use generic Android icons rather than the more eye-catching graphics legitimate developers would normally use. Likewise, the names some of the developers use like “Kingmall2010” and “we2009202” are indicative that these guys are up to no good.

Android’s open nature policy virtually allows developers to liberally post new applications on the App Market. While Google does some testing, it doesn’t really filter applications like what Apple does with its iOS. Although the policy afforded Google tremendous growth for the platform, the price is the susceptibility to virus threats like DroidDream. Users should, therefore, exercise proper caution before downloading. If the app is not from a familiar source, do some research about it. Read product reviews and ratings and take a close look at the app’s permissions. For example, be suspicious if a simple wallpaper app would need access to your personal data.

2. Use a password to protect your phone

This is very simple and yet not too many people strictly observe. Using a password is the easiest form of defense for your phone against unauthorized intrusions. A fingerprint lock would even be more advisable. Although a phone lock does not guarantee full protection, it will at least eliminate most types of physical threats like theft and unauthorized use of your phone.

3. Immediately install OS upgrades as soon as they become available

In the DroidDream incident, the hackers exploited known Android weaknesses to launch their attacks through the malicious apps. Those weaknesses have since been patched in latter versions of the OS. Because Android is fragmentized, it may be difficult to determine the possible upgrades your mobile phone can upgrade to. Be that as it may, you must initiate installation as soon as you receive an upgrade notification. This is because with every update, Google consciously seals all known gaps malware proponents can take advantage of.

4. Never view sensitive information using public Wi-Fi

Wi-Fi is admittedly one of the most valuable inventions made for computers during the last decade. It provided wireless internet access to practically all coffee shops across the country. However, it has also caused a security problem – any other person in the vicinity can get into the same network you are in. Especially when using unsecured Wi-Fi networks, always think twice before using a banking app or engaging in any other similar sensitive/private activity.

5. Make sure to install a mobile security app

If at this point, you are already applying the previous tips, this one may not really be necessary. A mobile OS is basically more secure than its PC counterpart and is more isolated. However, an extra precautionary measure like installing a security app from a trusted source cannot do you any harm. Anyway, such apps are usually free and they provide extra features as well.

A security app from Lookout, for example, can scan all apps installed on your mobile phone and give you information on their permissions. This can prove useful particularly if you randomly download Android games. In the same way, most major PC security providers like Symantec, Norton, McAfee, and Juniper also make available free security apps.