Valerie’s Android phone was behaving in an odd way, like it was possessed. The thing had a mind of its own, sending garbled texts and gambling. Is it a ghost? Or has it been hacked?
Valorie locked down the phone when it was charging so it wouldn’t purchase poker chips. One day she forgot to lock it and it went on a shopping binge. Packages began appearing at her doorstep.
Obviously, someone had access to her credit card number. But how? And what could poor Valorie do to disable this thief?
The reality is that millions of mobile devices get infected. But police officers won’t bother with this. Valerie cancelled her credit card and deleted the “possessed” apps. Then she crossed her fingers.
How do mobile phones get attacked?
A study showed that 86 percent of Android malware employs “repackaging.” Here’s how it’s done:
- Download an application
- Decompile it.
- Add malware.
- Recompile the app.
- Submit it back into public circulation—after changing its name.
- Someone else downloads this changed-name application, and the malicious payload infects their device.
- A repackaging variation, “updating,” involves adding a code that will tag a malicious payload at a later date.
How can you tell your mobile has been infected?
- It begins behaving oddly. Something is off—sometimes slightly, sometimes blatantly, such as the device is sending your address book to a foreign IP address. Hook your mobile to a WiFi and see where it sends information to.
- Unfamiliar charges on the bill. Malware on a phone will produce unauthorized charges. The device is hooked to an accounting mechanism, making it a snap for thieves to send premium SMS text messages or make in-app purchases—which cost you money.
How can you protect your mobile?
- Keep its software up to date: easy to do on iOS but difficult on Android.
- Some phones cannot be updated; these phones have OS vulnerabilities within them, making them open to attack. Users end up downloading malware which uses this OS vulnerability to infect the device.
Android vs. iOS for security
- iOS beats Android for security against malware.
- Apple placed restrictions on application functionality (e.g., premium SMS messages can’t be sent), which is why Android isn’t as secure against malware as is iOS.
- Another reason: Android’s app review process is not top-notch at screening out bad applications (but it’s improving).
- Both Android and iOS allow your personal data to leak out to ad networks. This isn’t considered malicious since a user may wish this to occur.
Scope of Problem
- The verdict isn’t quite out on this.
- Some say the problem is limited just to third-party app sellers and this can be avoided by going to iOS’s or Google Play’s app store.
- Others believe everybody has a compromised application on their mobile.
- More research is warranted to define scope of problem.
Who should protect the user?
- The app maker? The carrier? Or the operating system provider?
- Nobody has taken this responsibility currently. It’s kind of like a “that’s not my problem you downloaded a malicious app that we didn’t write,” or, “You wanted it; I only delivered it—not my problem.”
- The buck is passed because user protection is expensive.
Solutions for Protecting Your Device?
- It would be great if the app store could provide very in-depth screening for all the types of malicious actions that apps can perform.
- The caveat: This isn’t in the platform provider’s best interest because they want their store to carry a lot of applications.
- Stores want more and more apps, and better ones, and don’t want anything to slow that process down.
- Data can be secured when you communicate via a wireless network with a VPN like Hotspot Shield VPN. All web transactions can be secured via https.
Robert Siciliano on Google+