All about Android antivirus

While many say Apple kicked off the modern smartphone craze with the release of the iPhone in June 2007, Android phones weren’t far behind. The first Android smartphone released in late 2008, and by 2010, Android was the most popular smartphone operating system in the United States. Much like Windows PCs in the 80s, Android presented itself as a more affordable, more open alternative to the closed garden of Apple products. Today, Android is the biggest mobile operating system on the planet, with more than 2 billion monthly active devices. This also makes the Android platform the biggest mobile phone target for hackers.

Mobile devices are the next frontier of cybercrime. As sales of desktops and laptops have started to decline, smartphone sales have held strong. Furthermore, many mobile users aren’t yet aware they need cybersecurity for their phones. While the majority of cyberthreats are still aimed at PCs, Android malware is growing rapidly.

Cyberthreats for Android are much like cyberthreats for PCs. They sneak their way onto your device, often in the form of a shady download, then burrow themselves in the system in order to steal information, spy on you, or take control of the device. In many ways, the game is the same, but the playing field has changed.

To protect themselves, many users assume they need some sort of antivirus, but viruses are just one kind of threat. Android users who are concerned about cybersecurity should look into a cybersecurity solution that protects them from all forms of malware, not just viruses.

Can Android devices get viruses?

Truth be told, most cybersecurity pros consider viruses to be more of a legacy threat for computers, and perhaps a complete misnomer when it comes to Android phone infections.

Computer viruses are programs that can replicate themselves by piggybacking onto another program. Early hackers used them to spread all kinds of malicious software (also known as malware) onto computers. That said, this strategy isn’t as common among modern cyberthreats. We’d be hard pressed to identify any malware that duplicates itself like a legacy computer virus. So technically, there is no such thing as an actual Android virus. The problem is that the term “virus” has become a catchall phrase for cyberthreats in general, even though it’s outdated.

“Smartphones are essentially handheld computers, with many of the same weaknesses.”

This is not to say that you don’t need cybersecurity software on your Android phone or tablet. After all, smartphones are essentially handheld computers, with many of the same weaknesses. We also use them to store all kinds of valuable private information, financial data, and other targets that attract cyber thieves. As such, these devices are susceptible to the same kind of malware strands found on PCs.

So naturally, Android “antivirus” software, or more properly, anti-malware software, is an essential measure against a variety of threats. Some, for instance, will mob your Android phone with annoying ads. Other malware is more harmful, representing itself as a trustworthy site or app, deceiving you into revealing passwords or private financial information.

The problem of malware on Android is also compounded by the fact that many users don’t take steps to protect themselves. Most mobile users do not protect their phones as diligently as they do their computers. They don’t install security software and they fail to keep their operating systems up to date. Oversights like this make these users vulnerable to even primitive malware. Since screens on mobile devices are small and users can’t easily see activity, the typical red-flag behaviors that signal infection in a PC can run on the phone behind the scenes in stealth mode.

Signs of Android malware infection

Fortunately, there are a few unmistakable signs to look for if you suspect your Android phone is infected. Here are the main ones:

  • A sudden flood of pop-up ads. If ads appear out of nowhere and send you to sketchy websites, you’ve probably installed something with adware in it.  
  • A puzzling increase in data usage. Malware chews up your data plan by displaying ads and sending out stolen information from your phone.
  • Bogus charges on your bill. This happens when malicious software makes calls and sends texts to premium numbers.
  • A disappearing battery charge. Malware is a resource burden, gulping down your battery’s juice faster than normal.
  • People on your contact list report strange calls and texts from your phone. Malware replicates by spreading from one device to another by means of emails and texts, inviting them to click on the infected link it displays.
  • A phone that heats up while performance lags. Malware can push your device to its limit and cause it to overheat. Certain attacks are so nasty they can stress your phone to the point of making the battery bulge, which essentially leaves your Android for dead.
  • An app you don’t remember downloading appears on your phone. Sometimes you download apps that have malware piggybacked onto them for a stealthy installation. That happens because Android allows users to jump straight from Google Play to other marketplaces, which may have let a malware maker slip through.
  • Your phone turns on WiFi and Internet connections on its own. This is another way malware spreads, ignoring your preferences and opening up infection channels.

Types of Android malware

Although there are many types of Android malware, here are the top five:

  • Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. Typically, it uses an underhanded method to either disguise itself as legitimate, or piggyback on another program to trick you into installing it on your PC, tablet, or mobile device.
  • Spyware is malware that secretly observes your activities without permission and reports it to the software’s author.
  • A Trojan, or Trojan horse, is a method of attack. It works by presenting itself as something useful like an app or attachment in order to trick you into downloading it. Trojan attacks can hide anything from malware that allows the attacker unauthorized access to spyware that steals financial information.
  • Ransomware is a form of malware that locks you out of your device and encrypts your files, then forces you to pay to get your files back using hard-to-trace cryptocurrencies. Ransomware has been called the cyber criminal’s weapon of choice because it’s easy to obtain on online criminal marketplaces, difficult to defend against, and even more difficult to remove. Most victims have no choice but to pay up.
  • Malicious cryptomining, also sometimes called drive-by mining or cryptojacking, is an increasingly prevalent malware, usually installed by a Trojan. It allows someone else to use your computer to mine cryptocurrency like Bitcoin. The attackers then send the collected coins into their own account. Essentially, a cryptojacker steals your device’s computing resources to make money. Worst of all, it can be difficult to know you’re infected, making them an especially insidious threat. 

The latest Android malware news

New Android Trojan malware discovered in Google Play
Malware taking advantage of Android OS exploits, again: Gooligan
Research Paper Shows Upgrading Android Could Upgrade Malware

Where does Android malware come from?

For the most part, Android infections come from your Internet browser or a downloaded application.

Infections from the browser typically happen when an attacker uses an exploit. These attacks work by taking advantage of bugs and vulnerabilities in common web technologies like ActiveX, HTML, and Java in order to breach the browser’s security. From here, the attack forces the browser to run malicious code that delivers malware and infects the device.

“Google has tried to crack down on these malicious apps, but more keep popping up.”

Infections from downloaded applications are essentially Trojan attacks. The application seems legitimate, and it may even work as advertised, but it’s doing shady things behind the scenes like stealing data or installing other apps without your permission. These apps usually come from third-party sources, but even the Google Play Store contains malware. Google has tried to crack down on these malicious apps, but more keep popping up. The sheer number of apps downloaded from the Google Play Store makes it a huge target for malware delivery attempts.

Other sources of infections include cheap phones that come with malware pre-installed, emails with shady attachments, exploits of popular apps, phishing scams, and getting duped into clicking on suspicious download links.

Scam calls: the other smartphone threat

Smartphones aren’t just vulnerable to software-based attacks like malware and exploits. They’re also vulnerable to scam calls, which can be used against you in similar ways. For example, if an attacker was determined to get access to your bank account, they could try to infect you with malware, or they could call you up pretending to be your bank and ask for your login details. 

In one scam call scenario, you get a call from a number with the same area code and first few digits as your own number. In reality, it’s a scammer using a trick called “spoofing” to change how their number so that it appears to be a local number on your caller ID. If you answer, you might hear a spam robocall or a real person trying to con you out of money.

“Your first line of defense against scam calls is awareness and some healthy skepticism”.

Scammers can also use spoofing to imitate phone numbers from legitimate businesses and organizations like banks, police departments, and tech support hotlines. IRS scams are a common example. You get a call out of the blue from someone claiming to be from the IRS or a police department. They say you owe money and you need to pay up immediately to avoid severe punishment. If you look up their number, it appears legitimate, but it’s just a spoof. In another example, the scammer says your bank account has been breached, and they need your login information to confirm your identity. Another scammer might say there’s a problem with your phone and you need to go to a specific site and download a fixer program. This is all social engineering, schemes to fool you into revealing personal data, sending money, or letting the caller gain access to your device to install malware.

Your first line of defense against scam calls is awareness and some healthy skepticism. There are also preventative measures, but more on that a bit later.

How do you remove Android malware?

Aside from specific examples like ransomware, most malware is designed to stay hidden. While there are plenty of red flags to look for, you may not notice any at all. If you suspect malware, or even just out of an abundance of caution, download a legitimate anti-malware program, such as Malwarebytes for Android. Install it and run a scan. It’s designed to find and eliminate any malware that has infected your phone or tablet.

How do you prevent Android malware?

A cybersecurity application is a great way to prevent infections, but a few basic safety tips can go a long way too.

  • Look for early signs of malware infection to prevent them from taking root and doing damage.
  • Watch out for unusual domain names on the Internet. URLs that end in letters other than com, org, edu, net, or gov can be a sign of a risky site.  
  • Avoid clicking on pop-up ads while browsing the Internet.
  • Ignore email attachments from strangers.
  • Don’t download software from untrustworthy websites or peer-to-peer file transfer networks.
  • Keep your operating system, browsers, and plugins up to date. Updated software means attackers can’t exploit old bugs.
  • Do not click on suspicious links in emails, texts, or social media, even if they’re from a friend.
  • Download Android apps in the Google Play Store and avoid third-party sources.
  • Read reviews before you download an app.
  • Be careful about granting "permissions" when installing new apps for the first time. Often, malware crooks count on you not paying attention in order to sneak malware onto your device. For example, a calculator app shouldn’t need access to your list of contacts.  

The Android malware universe is a big place, full of nefarious threats. Whether you’re looking for prevention, or post-infection remediation, Malwarebytes for Android offers powerful, pocket-size protection, automatically blocking dangerous malware like ransomware and conducting privacy audits to reveal what apps have access to your location, calls, or other private information. And, like Malwarebytes for iOS, it also detects when a call is from a known or suspected scammer, blocking the call or warning you it may be fraudulent.

 

 

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language