Android News

Why Android phones are targets for Trojans (and how to protect your phone)

March 8, 2011 | by Andrew Kameka

Android OS

security

Android phones are as open to viruses as Android is open to app developers and phone makers. A recent batch of malware in the Android Market suggests as much when attackers managed to obtain data of thousands of people, sparking a wave of questions regarding Android’s security. It wasn’t the first time people have ask how safe is Android, and it definitely will not be the last.

Google responded to the Android Market security breach by noting that it quickly removed the affected apps, suspended the developers, and remotely deleted the apps from affected phones. Google believes only device identification data was leaked, but there’s a possibility that other private information may have been released. An update to the Android Market is also being sent to undo the exploit.

It’s good that Google responded so quickly, but this attack leads people to ask “Is Android safe?” At the moment, I would say yes. I’ve literally used thousands of Android apps and have yet to come across any that were malicious. By using common sense and paying attention to the security permissions requested by every app that I install, I’ve thankfully managed to avoid any security threats (knock on wood).

I’ve dismissed previous so-called virus outbreaks as misleading representations or scare campaigns by security companies; that is not the case here. Android is more susceptible to attacks than other operating systems, and it will continue to be that way because of two key factors.

The Android Market is the Wild, Wild West

The Market is mostly controlled, but with more than 150,000 apps to track, it’s easy to see how the inmates might sometimes run the asylum. Francois Deslandes, the developer of Pure Calendar Widget, recently contacted us saying that someone had managed to post a fake version of his app in the Android Market. The fake app used the same name and title as the real Pure Calendar, but it asked for the ability to send messages and share personal information that Deslandes never included in his app. Someone managed to replicate Pure Calendar for the sole purpose of tricking others into downloading and turning over information.

While other app stores have burdens to entry or include a pre-screening process, the Android Market requires only $25 and clicking “Publish” to see your app available within minutes. Though Google does monitor the Android Market and rely on reports from users about defective products, it’s not a fail-proof system. Something malicious can spread to thousands of people before it is discovered and removed. The Android Market also hosts dozens of apps that violate copyright laws and Google’s terms of services, a sign that plenty of apps fall through the nets of Google’s security sweeps. Most are eventually taken down, but not right away.

Malware is a numbers game

In the Mac vs. PC debate, I often hear people say that Mac’s are better because you don’t have to deal with virus threats. Actually, Mac’s are susceptible to security breaches, too. You are less likely to face a malware attack on Mac OS because people who devise these exploits tend to focus their attention on PC’s, which account for 90 percent of computers.

Android may face a similar fate in the smartphone wars. Because the most popular smartphone OS is Android, and smartphone adoption increases so rapidly, it makes sense for hackers and malware creators to focus their attention on the platforms that will yield the best result. There’s less of an incentive to attack iPhone users if the App Store has an infamously harsh screening process (that’s not to say that iOS is impenetrable). Someone could hide their code in a webOS or Windows Phone 7 app, but what’s the point if those two systems combined don’t add up to the number of Android users who could be affected by your attack? Android provides nefarious programmers with the right amount of freedoms and user base to make it the most attractive to attack.

Conclusion

The freedom Google affords developers creates a better system for choice. However, that freedom has an unfortunate side effect of creating a world difficult to police. Preventing a bonafide malware outbreak is a tall order that Google has mostly done well to fill.

I feel confident in saying that Google will continue to monitor the Android Market and protect Android phones from most dangers. That doesn’t mean it will be successful in blocking every potential attack, so it’s wise to remind you about how to prevent attacks.

  • Download only from trusted sources. If you want to sideload apps, do only because it’s an APK from a trusted distributor (Gameloft, Getjar, etc.) or developer from a forum you frequent (XDA). Avoid links sent via SMS, email, or wares sites, or app repositories.
  • Read the security permissions. We can’t stress this enough. Security permissions give clues about what type of app you are downloading and should be checked before installing anything. Read more about it here.
  • Avoid high-risk apps. When you see apps promising material that is illegal (free MP3′s) or questionable (sexy babes), you’re more likely to end up in trouble. Get your music and smut somewhere else.