Like many other Android users, I’ve taken notice to reports that Android malware is on the rise and take precautions to make sure a malicious program doesn’t take my smartphone (or personal data) hostage.
Just like the malicious files and programs that attempt to make their way onto our PCs, malware targeting Android phones often gain entry by using underhanded tactics like posing as legitimate apps.
With that said:
How to Spot Malicious Android Apps
- Checking the number of downloads and reviews.
If an app is claiming to be a popular gaming app, say Angry Birds, then the app statistics should reflect the game’s insane popularity by displaying over 50,000,000+ downloads and nearly a million user reviews. If it doesn’t then it’s likely a malicious application in hiding.
- Always check the name of the developer.
Since the bad guys tend to copy the look and feel of popular apps in order to trick unsuspecting users into downloading malware, it’s a good idea to check and make sure that the right developer is offering the app. Not sure who created that popular gaming app you love? Take a moment to Google it!
If you’re going to download a paid app, researchers at F-Secure offer this advice:
A useful tip for users out there is to search for the paid version of the app and take note of the developer's name. If the name on both paid and free versions matches, then it is very likely to be a safe app. Otherwise, don't proceed with the download.
- Scrutinize app permissions BEFORE clicking 'accept & download'.
Whenever you click the 'Download' button for an app, you are shown a page that lists the permissions that you will need to grant the app in order for it to work. Be sure to carefully review all of the permissions that the app is requesting and make sure they are within reason. For instance, why would a free game app have “Services that cost you money: send SMS or MMS” listed under permissions?!
- Only download apps from trusted sources.
This can be very tricky considering that the official Android Market is not available in all countries (like China, for instance) and Google doesn’t even bother reviewing apps that are submitted into the official Android Market. While it’s true that some ill-intended developers have snuck their naughty apps into the official Android Market, Google does take notice and will remove them as needed. With that said, do a little research in your country to find out the safest Android market to get your apps and be vigilant when selecting apps to download. If you're not comfortable with the official Android Market, maybe it's time you check out Amazon's Android market.
For the record, a few developer names that have been linked to malware apps are Logastrod, Miriada Production, Eldar Limited, Myournet, Kingmall2010, & we20090202.
Stay safe, my fellow Androidians!
Follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest tech news and PC security alerts.