Mobile Security Threats Targeting Android Devices

The use of mobile devices is increasing: according to Tech Crunch, the mobility company Ericsson predicts that the number of smartphone users in 2020 will be more than six billion, which would exceed the number of landline users. Why? Due to the importance that phones and tablets are acquiring as a result of the “bring your own device” (BYOD) policies promoted by companies, users can access corporate networks with personal technology.

However, this increased use leads to an explosive proliferation of mobile malware, which is malicious code designed to attack phones and tablets.

Although mobile malware does not yet reach the level of PCs in terms of complexity and volume, IT security professionals are identifying more specific types of malware targeting mobile devices aimed at attacking the functions of apps and the vulnerabilities of mobile devices. Let’s analyze some of the common types currently in circulation:

  • SMS Trojans:

Cybercriminals infect smartphones by making use of what users value most. SMS Trojans cause financial mayhem by sending text messages to premium rate telephone numbers worldwide, which exponentially raise users’ telephone bills. Two years ago, many mobile devices were affected by trojan that managed to intercept SMS containing information on financial transactions. They also emailed a copy of a text message that provides cybercriminals with all the information they need to penetrate the financial accounts.

  • Mobile Adware:

Adware has come a long way since its inception based on annoying pop-up windows and as a data collection tool. For many adware creators, the earnings depends on the downloads and clicks they get and there are those who currently create mobile adware capable of infecting and installing in the root system of your device, thereby It forces you to download specific types of adware and allows attackers to steal personal information.

  • Malware through MMS:

Malware creators are also looking for ways to take advantage of text communications to propagate it. As noted by CSO Online, vulnerability in the Android media library, Stagefright, allowed attackers to send a text message with embedded malware to any mobile phone number. Even if users did not open or acknowledge the message, the malware could be deployed, allowing attackers to access the root system of mobile devices. Soon a patch was created for this problem, but it was not effective in preventing infections through text messages.

  • Mobile Spyware:

Spyware downloaded as a program to your device monitors your activity, saves your location and retrieves important information such as usernames and passwords from email accounts or ecommerce websites. In many cases, spyware is provided with other seemingly benign programs and collects hidden data in the background. You may not even notice the presence of spyware until the device slows down or starts the scan engine on your mobile device.

  • Mobile Ransomware:

Ransomware, which first became popular as a threat to PCs, “blocks” important user data and then demands for a ransom that must be paid to the creators of the malware. If the victim does not pay the ransom in a timely manner (generally, using bitcoin), all files are deleted or blocked and the user can no longer access them. According to the International Data Group (IDG), 74% of companies registered a security breach in 2015, and ransomware was one of the common threats. The creators of the malware took advantage of the improved performance of the phones and the internet to encrypt the data stored in them.

  • Malware targeting banking:

As pointed out by Dark Reading, mobile malware aimed at banking is increasing given the preference of users to perform all their business transactions from their mobile devices. Over 1.7 million malicious installation software were identified in the third quarter of 2015, many of which are trojans designed to penetrate devices, install and collect login information on banking sites that are then sent to a server.

Measures to protect your device

So, how can you keep your mobile device free of malicious code? Apply these simple measures:

  • Mobile malware is on the rise because attackers redirect their criminal activities to phones and tablets. This is consistent with the rise of attacks on global mobile markets. To stay safe, you must recognize the risks to which you are exposed, understand common threats and apply basic recommended procedures to protect your mobile devices.
  • Do not release or access the root system of your device. If you do, the chances of infection from unreliable external sources will be greater. Keep the root system as it is and enjoy the benefits of automatic security updates and patches.
  • Install an antivirus protection solution. Currently, antivirus and anti-malware solutions, Web Application Firewall (WAF) for mobile devices are appearing on the market; install a solution from a trusted source and run it to verify that your device is clean. Also, beware of malware programs that disguise themselves as antivirus protection; try to download only legitimate applications from reliable sources.
  • Be consistent. Download applications only from reliable sources; this guarantees that the applications are legitimate and not repositories of mobile malware.
  • Monitor your email. Perhaps you have changed your device but you can still be vulnerable: numerous attackers can continue to use e-mail attachments to infect your device. Do not click on email links or other messages, as they can direct you to phishing or malware websites; this measure applies to all mobile platforms.
  • Use secure Wi-Fi networks. Although this will not prevent you from navigating to an infected website, the use of password-protected Wi-Fi connections prevents unwanted people from spying on or running intermediary attacks on the mobile device between your device and the Internet destination you want to visit.

You can install apps that will help you with the security of your device. You can contact top app development companies and protect your important data from cybercriminals.