The final part of the AVG threat report we are going to look at is the ever-growing threat to mobile devices, specifically those that run the Android OS.
Android is now the most popular mobile OS with 100 million devices connected and 550,000 added each day.
With popularity, however, comes a price and in this case it is at the cost of millions of users who suffer some form of attack on their mobile device.
Whilst most Android users are accustomed to the app market, more and more third-party app stores are appearing all the time.
The most common type of attack on Android users are those which are packaged inside a seemingly legitimate app.
This, AVG say, has shown a marked increase this year, with faked popular apps such as Angry Birds appearing more regularly.
Two of the most prolific creators of fake apps are developers known as kingmall2010 and szone – these have created a number of apps that are known to have infected a high number of users.
Both creators have developed convincing-looking apps that appear to be legitimate software, such as calendar and planner apps, ringtones and games.
Kingmall2010 packages contain the DroidDream kit which has the capability of installing itself in the root of a device and sending sensitive information to a remote server.
The developer is very active in third-party app stores and it is thought that 37,000 users have been infected with the dodgy apps. However, this figure is thought to be even higher, as it is unknown how many other sites he has uploaded the app to.
Another recently discovered Android trojan has the capability of capturing and recording all calls made on a device.
Other threats include the ability to call out to premium rate numbers without the users’ knowledge, and advertising scams which charge users to click through to a mobile website.
Whilst the threat to mobile users is growing at an astonishingly rapid rate, there are steps that users can take to protect themselves.
Of course, the first would be not to download apps from “untrusted or pirated” sources – third party app stores are unregulated and dangerous and it is best to stick to the Android Marketplace.
Even then, the open source nature of Android means that it is nowhere near as heavily policed as the Apple App Store and so before you install, fully check through what permissions the app is requesting.
Remember that even apps that look legitimate can be malicious. Crooks are only lazy insomuch as they steal instead of getting a normal job, this doesn’t make them stupid and sloppy though, many are capable of making apps that can fool the most cynical user.
It’s a good idea to read app reviews and look up the developer, it will soon become clear if they are to be trusted with a bit of light research, after all, a little time might save you a lot of cash.
Make sure you have a pin set up on your device and don’t let friends or (especially) children download apps.
When clicking on links on your device, ensure that the web address is valid or relevant to the site that you are visiting.
If your device begins acting up, consider restoring factory settings or, at the very least, give it a scan with a trusted mobile AV solution which is bang up to date with the latest definitions.
Dodgy phone behaviour may include: Decreased battery life; unknown apps being installed without permission; unexpected phone calls and SMS messages appearing on your bill or credit disappearing very quickly.
It is always a good idea to go through your bill if you are contracted, the sooner you can pick up any premium rate charges, the better and the less money you are likely to be taken for.
AVG provide free mobile security software called AVG Mobilation designed to protect users from all the current known threats.
With increasing awareness about the threat to mobile devices, it is to be hoped that we can stem the tide of malware that currently seems to be threatening to overwhelm the smartphone market.