At eight years old, Android is hugely popular. Both
with users and attackers
Happy Birthday Android! It has been eight years
since the Android project was officially released and introduced to the public
– on September 23rd 2008 to be exact. In that short time, Google’s
platform has rocked the mobile universe.
As the latest stats from Gartner show, Android now
controls over 85% of the
smartphone market and is by far the biggest player in the tablet market
as well. However, that huge share also has its drawbacks – it makes the
operating system very attractive to cyber aggressors, who aren’t sitting idly
by and waiting.
Instead they’re coming up with new
techniques to attack an increasing number of victims, on a never-ending quest
for yet unseen vulnerabilities to exploit. A great example of this surfaced
just a few weeks ago at the DEF CON 24 hacking conference.
White hat security researchers revealed they had
found four Android vulnerabilities, collectively naming them QuadRooter.
According to their report, any of the four can be exploited by cybercriminals,
providing them with access to smartphones and tablets equipped with Qualcomm
chipsets, which adds up to around 900 million Android devices.
On top of that, cybercriminals are trying to misuse
this situation, luring users into a trap by offering them fake apps
promising to fix the security glitch. Unfortunately, that is not
what those apps actually do. On the contrary, these programs serve users ads or
just make them pay money for nothing. But this kind of deception is nothing
new.
Despite the Google Bouncer and human review that
work to block malicious content, several fake apps mimicking the popular game Pokémon GO
appeared on Google Play. Amid the media-induced hype around the game, most of
the copycat apps were serving users scareware, ads and surveys. One of them
even froze the target devices and forced users to restart their smartphone by
removing the battery.
Social engineering and phishing are also not
uncommon when targeting Android users. At the beginning of the year, a fake app
on the official market posing as Instagram offered potential downloaders a
route to gain followers. However, it was actually harvesting their social media
account credentials in order to sell them.
Looking at some statistical data from earlier this
year, the attackers were able to push over 340 malicious porn
clickers into Google Play in just 7 months (between August 2015 and
February 2016), with the average number of downloads reaching as high as 3,600
per fake app. These figures may actually be much lower than the true picture
given that there are 1.5 million apps on the official app store.
What all these cases have in common is the fact
that cybercriminals are trying to copy popular apps in order to attract as many
victims as possible. If the malware is uncovered, they’ll often just make a few
changes, repack the app and try their luck again. With this technique they are
able to repeatedly infect large numbers of users with minimal effort invested
into redesigning the malicious code.
The situation is worse at various unofficial
markets, where even nastier malware is to be found. Very popular amongst
PC-targeting cybercriminals, ransomware has already made its way to mobile
platforms and ESET has seen both main types – lock-screen
as well as crypto-ransomware.
So what’s the takeaway from eight years of the
Android story? The larger the platform and its user base get, the more it’s
targeted by cybercriminals. Thus, hoping for the best and letting its creators
keep it secure isn’t enough. Instead, users should go the extra mile and follow
a few basic principles to avoid unnecessary trouble:
· First of all, keep your devices up to date, ideally set them to patch and
  update automatically, so that you stay protected even if you’re not among the
  most security savvy users.
· If possible, stick with Google Play or other reputable app stores. These
  markets might not be completely free from malicious apps, but you have a fair
  chance of avoiding them.
· Prior to installing any app, check its ratings and reviews. Focus on the
  negative ones, as they often come from legitimate users, while positive
  feedback is often crafted by the attackers.
· Focus on the permissions requested by the app. If they seem inadequate for the
  app’s functions, avoid downloading the app.
· Use a reputable mobile security solution to protect your device.