Android smartphones rock, but whether you use Avast, Lookout, the new Sophos, or another freebie antivirus/security app, you better lock and load to protect your Android before you become a victim and a stat.
Android, once dubbed a “cyber menace,” is too popular, too juicy and potentially too lucrative of a target for malware writers to ignore. In fact, a new F-Secure report suggests malware writers are getting craftier by creating trojanized apps that can defeat anti-virus detection. F-Secure released its latest mobile threat report [PDF] concerning the first quarter of 2012 and Android malware has grown exponentially. Since a year ago, the number of new malware variants have quadrupled and the number of malicious Android application package files (APKs) had a “staggering” increase of “139 to 3063 counts.”
According to F-Secure:
Today what we’re seeing are malicious Android applications that have bundled legitimate apps such as Rovio’s Angry Birds Space. First the malicious “wrapper” tricks and manipulates the user into granting permissions that allow the malware to subscribe to premium rate services. But then….then malware actually does install a working copy of the promised game. At this point, there is little to be suspicious of and nothing to troubleshoot. The user gets the game that he was promised.
After identifying a fake antivirus scam making the rounds on Twitter, GFI blogged about the growing Android malware threat; if this rogue antivirus APK file is downloaded, it shows the Kaspersky logo. “Such Tweets are equally accessible to computer (desktop, laptop, and tablet) and smartphone users. There is no doubt, however, that smartphone users on Android are particularly targeted by these spam.”
A new NSA mobile risks fact sheet [PDF] said the newer generation of smartphones are more resistant to cyberattacks, but also listed the attack categories against mobile devices, including vectors, sophistication level of effort required to deliver the mobile cyberattack, and mitigation.
Here’s a screenshot of the free Sophos security app:
The Privacy Advisor comes with three different filters which can be turned on individually or all turned at once to list apps “that may cause costs, harm your privacy, and access the Internet.” The scanner protects against malicious apps “and other risks” and detects “even the recent fake anti-virus nasty, which attempts to send expensive SMS messages to premium-rate services.” F-Secure’s Mikko Hypponen warned about this type of mobile malware two years ago in “You will be billed $90,000 for this call.”
The loss and theft portion of the Sophos app requires Sophos Mobile Security to be activated as the device administrator to locate or lock a lost or stolen Android. When asked about permissions, Graham Cluley explained:
Some folks have asked why the app requests rights to send SMS messages and access your contacts. When you do a remote lock or locate, the app sends you an SMS with latitude/longitude or confirmation that the lock was successful. Access to contacts is required because the user specifies from which other phone numbers they might wish to remotely lock/locate their missing Android. You can choose those numbers from your contacts.
Do you use a freebie antivirus app to protect your Android smartphone or tablet? Besides Sophos Mobile Security Beta which currently has a 4.9 average rating from 18 users, of the freebies, Lookout Security Antivirus has a 4.5 average rating and is installed on 303,730 Androids. I liked Lookout but the privacy and safe browsing are not free.
Avast put together this comparison chart of free antivirus Android apps.
avast! Mobile Security has a lot of free features that most security apps do not. Google Play lists it as having an average rating of 4.7 from 47,590 Android users. The firewall only works for rooted mobile phones.
It’s like some kind of unpleasant mantra that mobile malware is on the rise and Android smartphones are dead-center in the crosshairs.