Android Malware, Viruses, and Malicious Apps

Fun, useful, silly, informative, productive: Android apps are all these things and more.  In fact, the huge and diverse selection of apps has been one of the primary factors driving Android devices’ surging popularity.  Unfortunately, there’s one more word we should add to the list of adjectives describing apps: dangerous — or, at least, potentially dangerous.

For anyone who has experience with Windows PCs, viruses and malware are nothing new.  But not as many people know that Android devices come with their own security risks.  While the Android OS is generally more secure than any version of Windows, device owners can still inadvertently unleash malicious apps on their device.

Malicious apps can send unauthorized (and expensive) texts to premium numbers, make other unauthorized purchases, and surreptitiously record phone conversations.  Some malicious apps can even steal sensitive personal information, such as account login credentials, credit card numbers, and bank account information.

Most malicious apps can’t install themselves; instead, they rely on tricking unsuspecting users.  The most common form of malware, called malvertising, relies on otherwise legitimate apps to lure a user into clicking on an advertisement that redirects to a fake marketplace offering downloads of infected, or often just entirely malicious, apps.  Other vectors for infection include scanning unknown QR codes and installing apps that masquerade as a legitimate app.

So what’s a concerned Android user to do?  While the only absolutely surefire way to remain malware free is to never download apps or browse the Web on your phone, there are a number of more practical steps Android users can take to dramatically reduce their risk of infection.

Some practical tips you can take

  • Only download apps from trusted sources.  The Android Market, which is built into Android devices, is one such source.  The Amazon App Store is another wonderful source of legitimate and reliable apps.  Many websites also provide direct links to their companies’ apps.  Apps offered on the websites of reputable companies are usually safe, but you might consider downloading them from the Android Market if you want to be especially careful.
  • Ensure that when you do download an app from a company, that the company’s name is listed underneath the app name as the publisher.  Be wary if the company’s name is correct but is miscapitalized or misspelled.   Example of App Publisher's Name
  • Don’t download apps by clicking on an advertisement, even if the advertisement is inside an app that seems trustworthy.  Instead, search for and download the app in the Market.  Besides offering you increased security, apps downloaded from the Market are protected by Google’s consumer-friendly refund policy.
  • Understand that even the Market isn’t 100% foolproof.  Though it’s removed quickly when discovered, malware has occasionally found its way inside the Android Market.  Even more common are “imposter apps” — in other words, apps whose names suggest that they’re from a well-known company but actually aren’t.  Try searching for Netflix or iTunes in the Market sometime, and you’ll see what we mean.
  • If you have rooted your Android device, only grant super user status to apps that you have used before and trust completely.
  • Pay attention to what sorts of permissions apps require before granting them.  A comic strip app, for example, has absolutely no good reason for needing to access your contacts or email.
  • Consider using a Web browser other than the built-in Android browser.  As the most commonly used browser, it is the one hackers are most likely to target.  Free, well-reviewed alternative browsers include Opera, Dolphin, and Skyfire.
  • Consider installing some sort of security or antivirus app that runs in the background.  AVG is a well known security company that offers a free antivirus app, and Creative Apps offers a product called Antivirus Free that only uses about 0.1% of your battery given typical device usage.

Creative Apps Free Antivirus App

If you ever do realize that you’ve been the victim of Android malware, take some comfort in the fact that malicious apps are usually easy to uninstall.  Usually, removing these apps is as easy as going to Settings->Applications->Manage Applications.  From there, select the name of the application you want to remove and then press the “Uninstall” button.  If that doesn’t work, you can try an antivirus app that offers a malware scanning tool, such as Creative Apps’ Free Antivirus tool mentioned above.  As a last resort, you may need to back up your data and perform a factory reset, but few malicious apps should necessitate such a drastic action.

If you’re interested in keeping your Android secure, check out the related posts below! What is your favorite security solution for Android?

Next > Best Android AntiVirus Apps