Antivirus is not for computers alone
Think about how often you use your Android device: Messaging, posting selfies, ordering food, trading stocks, gaming, shopping, starting your car, managing the smart devices in your home--there's almost nothing you can't do on mobile. If you use your Android this often, doesn't it need protection too?
Can Android devices get viruses?
Android devices are susceptible to all kinds of malware. Phishing, ransomware, Trojans, spyware, dangerous apps--there's a plethora of threats that can infect Android devices. A computer virus is a program that can replicate itself by piggybacking onto another program, and early hackers used them to spread all kinds of malicious software, or malware, onto computers. "Virus" has become a catch-all phrase for cyberthreats in general, and yes, Android devices are susceptible to cyberthreats.
Smartphones are essentially handheld computers, with many of the same weaknesses. We use them to store all kinds of valuable private information, financial data, and other targets that attract cyber thieves. As such, these devices are susceptible to the same kind of malware strands found on PCs.
“Smartphones are essentially handheld computers, with many of the same weaknesses.”
Mobile vs. desktop threats
Android is the world's most popular mobile operating system, with over 3 billion active devices. This makes Android a big target for malware. The problem is compounded by the fact that many users don't protect their devices by installing security software and installing updates when they become available.
Cyberthreats for Android are much like cyberthreats for PCs. They sneak their way onto your device, often in the form of a shady download, then burrow themselves in the system in order to steal information, spy on you, or take control of the device. Just like you can protect your computer with antivirus software, you can protect your Android with an antivirus app (and by other good security habits, as we list at the bottom of this page).
What is Android antivirus?
Android “antivirus” software, or more properly, anti-malware software, is an essential measure against a variety of threats. Some, for instance, will mob your Android phone with annoying ads. Other malware is more harmful, representing itself as a trustworthy site or app, deceiving you into revealing passwords or private financial information.
Malwarebytes for Android is an antivirus app that protects your device in several ways:
- Automatically detects and removes dangerous malware threats
- Detects ransomware before it can lock your device
- Aggressively detects adware and Potentially Unwanted Programs (PUP) to keep your Android device running smoothly
- Scans for phishing URLs when you're using the Chrome browser
- Conducts a privacy audit for all apps
Learn more about Malwarebytes for Android, and give the app a try for free.
Types of Android malware
Although there are many types of Android malware, here are the top five:
- Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. Typically, it uses an underhanded method to either disguise itself as legitimate, or piggyback on another program to trick you into installing it on your PC, tablet, or mobile device.
- Spyware is malware that secretly observes your activities without permission and reports it to the software’s author.
- A Trojan, or Trojan horse, is a method of attack. It works by presenting itself as something useful like an app or attachment in order to trick you into downloading it. Trojan attacks can hide anything from malware that allows the attacker unauthorized access to spyware that steals financial information.
- Ransomware is a form of malware that locks you out of your device and encrypts your files, then forces you to pay to get your files back using hard-to-trace cryptocurrencies. Ransomware has been called the cyber criminal’s weapon of choice because it’s easy to obtain on online criminal marketplaces, difficult to defend against, and even more difficult to remove. Most victims have no choice but to pay up.
- Malicious cryptomining, also sometimes called drive-by mining or cryptojacking, is an increasingly prevalent malware, usually installed by a Trojan. It allows someone else to use your computer to mine cryptocurrency like Bitcoin. The attackers then send the collected coins into their own account. Essentially, a cryptojacker steals your device’s computing resources to make money. Worst of all, it can be difficult to know you’re infected, making them an especially insidious threat.
Where does Android malware come from?
For the most part, Android infections come from your Internet browser or a downloaded app.
Infections from the browser
Infections from the browser typically happen when an attacker uses an exploit. These attacks work by taking advantage of bugs and vulnerabilities in common web technologies like ActiveX, HTML, and Java in order to breach the browser’s security. From here, the attack forces the browser to run malicious code that delivers malware and infects the device.
Infections from apps
Infections from downloaded apps are essentially Trojan attacks. The application seems legitimate, and it may even work as advertised, but it’s doing shady things behind the scenes like stealing data or installing other apps without your permission. These apps usually come from third-party sources, but even the Google Play Store can contain malicious apps. Google has tried to crack down on these malicious apps, but more keep popping up. The sheer number of apps downloaded from the Google Play Store makes it a huge target for malware delivery attempts.
“Google has tried to crack down on these malicious apps, but more keep popping up.”
Other infection methods
Other sources of infections include cheap phones that come with malware pre-installed, emails with shady attachments, exploits of popular apps, phishing scams, and getting duped into clicking on suspicious download links.
Scam calls: the other smartphone threat
Smartphones aren’t just vulnerable to software-based attacks like malware and exploits. They’re also vulnerable to scam calls, which can be used against you in similar ways. For example, if an attacker was determined to get access to your bank account, they could try to infect you with malware, or they could call you up pretending to be your bank and ask for your login details.
In one scam call scenario, you get a call from a number with the same area code and first few digits as your own number. In reality, it’s a scammer using a trick called “spoofing” to change how their number so that it appears to be a local number on your caller ID. If you answer, you might hear a spam robocall or a real person trying to con you out of money.
“Your first line of defense against scam calls is awareness and some healthy skepticism.”
Scammers can also use spoofing to imitate phone numbers from legitimate businesses and organizations like banks, police departments, and tech support hotlines. IRS scams are a common example. You get a call out of the blue from someone claiming to be from the IRS or a police department. They say you owe money and you need to pay up immediately to avoid severe punishment. If you look up their number, it appears legitimate, but it’s just a spoof.
In another example, the scammer says your bank account has been breached, and they need your login information to confirm your identity. Another scammer might say there’s a problem with your phone and you need to go to a specific site and download a fixer program. This is all social engineering, schemes to fool you into revealing personal data, sending money, or letting the caller gain access to your device to install malware.
Your first line of defense against scam calls is awareness and some healthy skepticism. There are also preventative measures, but more on that a bit later.
Android malware news
- Have you downloaded that Android malware from the Play Store lately?
- SoNot SoSafe: Android malware disguises itself as secure messaging app
- SharkBot Android banking Trojan cleans users out
- Google patches zero-day vulnerability, and others, in Android
- Android Trojan GriftHorse, the gift horse you definitely should look in the mouth
- Watch out! Android Flubot spyware is spreading fast
- Pre-installed auto installer threat found on Android mobile devices in Germany
Signs of Android malware infection
Fortunately, there are a few unmistakable signs to look for if you suspect your Android phone is infected. Here are the main ones:
A sudden flood of pop-up ads. If ads appear out of nowhere and send you to sketchy websites, you’ve probably installed something with adware in it.
A puzzling increase in data usage. Malware chews up your data plan by displaying ads and sending out stolen information from your phone.
Bogus charges on your bill. This happens when malicious software makes calls and sends texts to premium numbers.
Poor battery life
A disappearing battery charge. Malware is a resource burden, gulping down your battery’s juice faster than normal.
Strange calls & texts
People on your contact list report strange calls and texts from your phone. Malware replicates by spreading from one device to another by means of emails and texts, inviting them to click on the infected link it displays.
A phone that heats up while performance lags. Malware can push your device to its limit and cause it to overheat. Certain attacks are so nasty they can stress your phone to the point of making the battery bulge, which essentially leaves your Android for dead.
An app you don’t remember downloading appears on your phone. Sometimes you download apps that have malware piggybacked onto them for a stealthy installation. That happens because Android allows users to jump straight from Google Play to other marketplaces, which may have let a malware maker slip through.
Phone makes its own connections
Your phone turns on WiFi and Internet connections on its own. This is another way malware spreads, ignoring your preferences and opening up infection channels.
How do you remove Android malware?
Aside from specific examples like ransomware, most malware is designed to stay hidden. While there are plenty of red flags to look for, you may not notice any at all. If you suspect malware, or even just out of an abundance of caution, download a legitimate anti-malware program, such as Malwarebytes for Android. Install it and run a scan. It’s designed to find and eliminate any malware that has infected your phone or tablet.
How do you prevent Android malware?
A cybersecurity application is a great way to prevent infections, but a few basic safety tips can go a long way too.
- Look for early signs of malware infection to prevent them from taking root and doing damage.
- Watch out for unusual domain names on the Internet. URLs that end in letters other than com, org, edu, net, or gov can be a sign of a risky site.
- Avoid clicking on pop-up ads while browsing the Internet.
- Ignore email attachments from strangers.
- Don’t download software from untrustworthy websites or peer-to-peer file transfer networks.
- Keep your operating system, browsers, and plugins up to date. Updated software means attackers can’t exploit old bugs.
- Do not click on suspicious links in emails, texts, or social media, even if they’re from a friend.
- Download Android apps in the Google Play Store and avoid third-party sources.
- Read reviews before you download an app.
- Be careful about granting "permissions" when installing new apps for the first time. Often, malware crooks count on you not paying attention in order to sneak malware onto your device. For example, a calculator app shouldn’t need access to your list of contacts.
The Android malware universe is a big place, full of nefarious threats. Whether you’re looking for prevention, or post-infection remediation, Malwarebytes for Android offers powerful, pocket-size protection, automatically blocking dangerous malware like ransomware and conducting privacy audits to reveal what apps have access to your location, calls, or other private information.