Now that you spend more time using your mobile devices than you do your desktop or laptop computers, you may believe that you are less vulnerable to the various types of malware known to infect those older technologies in droves. Unfortunately, you would be mistaken. Malware is a growing safety and security threat for Android users in particular, with a single program of Chinese origin recently infecting over 100,000 devices. Read on to learn more about the threat and what you can do to protect yourself against it.
How Big Is the Threat?
If a device has Internet access, it is at risk for malware infection. One study by a major telecom company indicated that nearly one in three Android apps are “potentially malicious,” which means the odds of downloading a clean app from Android Market are only a bit better than winning at Russian roulette. Many of these apps are dangerous because they have the ability both to track your physical location with GPS technology and to peruse your contacts lists. The same study found that about 30 percent of Android apps can track your location and 8 percent can access your contacts.
Some Android malware threats are bigger than others. One in particular has enjoyed tremendous success, if you want to call it that, recently infecting its 100,000th phone with no sign of slowing down. It’s known as the MMarketPay.A Trojan, and it sneaks onto users’ phones from sketchy third-party app stores that circumvent the Android Market to offer cut-rate programs. Many of these third-party dealers are based in China, where intellectual property laws and tech-security precautions are a bit laxer than in most Western countries. What’s worrying about MMarketPay.A, though, is the fact that it is professionally designed and seems to be tacitly sanctioned by China Mobile since it connects its users to M-Market, the company’s official app market.
How Does It Work?
MMarketPay.A hits you where it hurts the most. The program forces your phone to download apps and content from M-Market, often without your knowledge, racking up some serious extra charges on your account. You’ll figure out that something is wrong once you get your first post-infection phone bill, but you will probably need an Android expert to scrub your device of the troublesome program.
This particular trojan has two scary characteristics that, thankfully, have yet to be replicated en masse. First, it can byapss the app store’s password prompt with a unique verification code that fools the store’s gatekeeper software into granting access. Even more worrisome is its ability to neutralize Captchas, the security protocols that require you to copy distorted characters into a text box to prove that you are human: it can copy and refine the distorted image into something that the program will accept, then upload it remotely. Most of the time, the uploaded Captcha is indistinguishable from the real thing.
To protect yourself against the growing mobile-malware threat, download mobile antivirus software from a reputable distributor and run it manually every time you download a new app. You should also avoid unknown third-party app vendors, carefully researching each venue before accessing it. Finally, don’t be fooled by imitators: if a program or author name is similar to but slightly different from a well-known app or creator, then it is probably illegitimate.
Alissa Rife blogs about mobile phone technology for www.mobilephones.org.uk, a website where you can sign up for the newest phone models and get cheap calling contracts.
If you wish to write for us, kindly check out the guidelines to write a guest post.