Embed Size (px)
Citation preview
The Ultimate Android Virus Guide – How to detect, get rid and keep them
away Everything you need to know about Android viruses Remember those days when getting a virus on your PC seemed like the end of the world? Well,
it turned out that not all of them were than bad and antivirus software managed to remove them
from your computer, alongside all their threats.
Today, we moved to smartphones. Since we use them most of the day, some badintended guys
though about exploiting this and developed some pretty nasty bits of code which could get into
our Android powered phones and do bad things. Just think about how much much information is
stored on your smartphone: emails, passwords, bank accounts and many more. Yes, ladies and
gentlemen, we’ve reached that point in which we are talking about smartphone viruses, hunting
down your data.
Apparently, there’s a pretty big amount of Android malware running free on the Internet right
now, but if you’re well informed, you can keep your phone virusfree, without the risk of exposing
your data and other valuable information.
So, without much further ado, here you can find everything you need to know about Android
viruses: what are they, how dangerous can an infection be, how to get rid of them and, most
important, how to stay away from such things. Or, simply put, the ultimate Android virus guide,
provided by UnlockScope, the easiest, fastest and safest method to unlock your phone, giving
you the freedom to use it with the carrier of your choice and helping you save hundreds of dollars
when you travel internationally.
What’s an Android virus? First of all, let’s make one thing clear: Android viruses are not technically viruses.A virus is a
chunk of code hidden in something that appears to be useful, like some kind of magic file
management tool. After it’s installed or accessed, it starts spreading like crazy all over your hard
disk.
Remember the good ol’ days when some of your friends had a pretty interesting status on
Yahoo! Messenger, which, right after being clicked, led you to a fishy site and bam!, you were
infected? That’s an example.
On Android, things work a bit different, using the sandbox approach. In order to start executing a
process, an app requires approval from the user. Still, not even after receiving it, accessing data
from anywhere cannot be done, so the infestation cannot take place either.
Therefore, currently we don’t have any Android viruses. Currently, yes, as we don’t exclude the
scenario in which, somewhere in the future, someone figures out a way to trick this sandbox
approach and apps will start installing without the user’s approval.
The things you need to stay away from, as an Android user, are malware, adware, spyware.
Also, we’re going to focus a bit on ransomware too, since this is maybe the most dangerous type
of virus you can encounter.
Malware This is what you should avoid at all costs. According to Wikipedia, it’s short for malicious
software and represents any software used to disrupt computer operation, gather sensitive
information, or gain access to private computer systems.
What malware does is collecting data and send it to servers you don’t recognize. Still, don’t
forget that it can’t do this if don’t authorize it. Ok, so how on Earth does it end up doing such
horrible things? After all, you see all the permissions it requires when installing it, right? It doesn’t
say anywhere “Requests access to your credit card number” or something like that.
Well, it kinda does, but the thing is that you can’t see where it says this. Usually, it uses text the
same color as the background when it shows you the permissions, which is very hard to detect.
Not to mention that there are basic apps out there, like the ones you use for wallpapers, which
require pretty weird permissions. As yourself some questions before granting them access to
your data.
Hot to get rid of/avoid malware
There are a couple of Android antivirus applications that can do this. They come with a database
of malware instances and once you install them, they start looking for their signatures and try to
uninstall them.
If you don’t want to try this type of apps, pay a lot of attention before installing anything on your
phone. Google is known for constantly checking the Play Store for apps which could harm your
phone and data, but once again, make sure to read the reviews and all the permissions required
before installing one.
You can find more details about how to protect your Android device from malware in Dan
Graziano’s excellent article, written for CNET.
Adware According to Bill Snyder, from Info World, this is actually the biggest threat for Android phones!
You’ve definitely came across it, as it can take different forms, like popup messages that look
like system notifications, informing you that your phone is running slow and inviting you to install
an app to solve the problem. Sounds familiar, isn’t it?
You you are uninspired enough to actually tap on them, you will be redirected to some suspicious
app stores and end up with an app that will send premium SMS, behind your back, and collect
tons of data, according to Avast’s malware analyst Filip Chytry, cited by BBC.
Keeping it short, stay away from any ads that promise waytoogoodtoseemreal solutions for
your phone’s problems, various prizes and generally, free stuff.
How to get rid of/avoid adware
Even though it might seem stressful, you can actually get rid of those pesky apps. First of all, do
the first thing that you can think off: uninstall it. But don’t use the classic way!
Go to your phone’s Settings menu > Apps > Application manager. A list with all your apps,
including the malicious one will show up. If there’s anything you know you haven’t installed,
that/those are the one/s you should uninstall.
The thing is that all this malicious apps leave traces, so you’ll have to clean after them. In order
to do this, you can try a few dedicated antivirus apps, but make sure they’re made by reputed
companies, likeAvast, for example. Their free Mobile Security app will scan your phone and get
rid of any potential threats.
Spyware Spyware is something pretty similar to adware, as in most cases, it doesn’t do anything else than
what’s advertised. Also, almost all smartphones have spyware on it, at some level. You didn’t
see that coming, we bet. They do get to know your location and other details you allow them to
when installing them, right?
Besides this, they collect data, in order to send you relevant ads, which can be a good thing if
you actually click on inapp ads.
Another category of spyware is carrier spyware. Carriers like to know how you’re using a phone,
so most carrierbranded devices can see everything you’re sending through a specific network.
But once again, don’t panic, as they use this data in order to improve their services
How to get rid of/avoid spyware
This is easy. Just pay a lot of attention to the permissions apps require when installing them. As
for carrier spyware, you can flash a custom ROM, but unless you know exactly how to do it, our
recommendation is to avoid this.
Ransomware Finally, a malwaretype virus that caused a lot of trouble is ransomware. Besides preventing or
limiting users from accessing their system, ransomware forces its victims to pay the ransom
through certain online payment methods in order to grant access to their systems, or to get their
data back. Some ransomware even encrypts files (called Cryptolocker), as stated by WikiPedia.
Until now, ransomware viruses were targeting only computers, but they’re becoming present on
Android smartphones too. According to Ruchna Nigam, Security Researcher at FortiGuard Labs,
made a short list with three of the most dangerous ransomware viruses for Android:
Fake Defend – Discovered in July 2013, it acts like a fake antivirus app, asking users to pay for
a license after a fake scan, showing a list of viruses apparently present in the system.
Effects: If the user decides to pay, credit card details are copied to the server. In addition,
whether or not the user pays, the virus closes certain services and other processes associated
with the antivirus.
Eventually, it will damage Android system apps installed on the SD card, with the ability to delete
any application and ROM backup.
Finally, after six hours after installing, the phone’s screen will lock and the lock/unlock button
won’t work anymore
Phone use after virus infiltration: Difficult initially, impossible after six hours
Ransom: $99.98, payable with credit card
Uninstalling: Impossible without resetting the device to factory settings
Damage to user data: User data won’t be damaged, but the backup will be lost.
Cryptolocker – Discovered in May 2014, it appears as a video download app called BaDoink.
Even it if the virus does not harm your data, it will display a customized lockscreen, depending on
your geographical position. The lockscreen is lit every 5 seconds, leading to a faulty phone use.
Phone use after virus infiltration: Difficult
Ransom: $300, via MoneyPak
Uninstalling: Reboot in Safe Mode and reset to factory settings
Damage to user data: User data will not be lost
Simplocker – Discovered in June 2014, it appears as an app infected with a Trojan, such as
Flash Player. This is actually the first real ransomware virus for Android, as it’s able to encrypt
your phone’s files. Infested devices are locked and the display shows a message claiming that
you need to pay in order to unlock your phone.
Effects: Encrypts files with extensions like .jpeg, .jpg, .png, .bmp, .gif, .pdf, .doc, .docx, .txt, .avi,
.mkv, .3gp or .mp4, triggering the AES algorithm. The virus is using the TOR software to
communicate regularly with a server that responds to deactivating commands.
Phone use after virus infiltration: Difficult
Ransom: 100 rubles, via Qiwi Wallet Visa
Uninstalling: Reboot in Safe Mode and reset to factory settings
Damage to user data: Files are encrypted
How to get rid of/avoid ransomware
After your phone is infected with ransomware, you might deal with some serious issues, so our
recommendation is to make sure that your phone is 100% protected against this threat.
Use a functional antivirus, preferably one made by a reputed company. It should prevent or at
least warn you about installing infected apps.
Finally, install apps just from trusted sources and developers. Stick to the apps from the Play
Store and if you’re in doubt, user comments can provide a lot of extra details.
