Growing concern over security has forced many businesses to strengthen the security on their networks. This has pushed hackers to search for other avenues to exploit, such as the operating systems of Android phones. A new pool for harvesting information is the Android app phone market. An article on Reddit noted that more than fifty apps were hacked by perpetrators grabbing legitimate applications off the Android Market, inserting malware into it and then publishing it on another site with a similar name.
One example was the program called Solo which was grabbed and hacked and uploaded under a different name. The application was downloaded by over 200,000 times before it was removed from the Android Market. A tool was posted to help users recover from the attack, according to the McAfee report. Users who do not check their updates regularly would have no way of knowing about the danger or even be aware that their phone was infected with a virus known as Android/DrdDream. Mobile malware can cause annoying malfunctions, or it can silently steal login information or other personal data stored on the phone.
In spite of all the efforts to correct the issue, a hacker gang created malware that masqueraded as the tool, which in turn created a backdoor to let the hackers into the phone and steal data, a McAfee researchers said. The Android phone system aims to make their system more open source. This one feature makes it a target for malware. This allowed developers to post Android apps on their web sites and attempt to attract users to install them. While Apple uses a centralized store to post applications that have been vetted before posting. Android’s open source does not have the same scrutiny. How can users then protect themselves?
We have some suggestions from McAfee Labs:
How to protect Your Android Phone
Don’t Jailbreak your iphone:
Only down load apps from the iStore to protect yourself from using a software download that changes and opens the operating system, as that leaves your phone vulnerable to numerous hacks that would otherwise be blocked by the locked phone.
Bank with authorized apps only.
Use branded Bank Authorized applications for your on line banking. Third party applications and not secure enough to entrust with your password and transactions. In spite of the convenience, it is better to be safe than sorry.
Only download popular apps. Popular apps that have more than 150,000 downloads are more likely to be safe rather than ones that have only thousands. Read the comments to see what users have said in reviews.
Download only from reputable publishers.
Make sure you are on the right website and not a look alike. If you’re uncertain about an app, do a quick search under the publisher’s name. If you find a number of apps with good reviews and lots of downloads, chances are you’re dealing with a reputable provider. Remember that spoofed software apps are look a likes and the domain names are usually copy cats.
Monitor your wireless bill.
It is possible for some hijacked apps do things like make expense calls to foreign numbers to fatten the bank account of various intermediary sites at your expense. These programs can make background calls or at times when you don’t realize your phone is doing something. Even if you haven’t been infected, you may have unwittingly subscribed to one of those annoying services that automatically bill you every month for things like ring tones, so check the bill every month; it only takes a few minutes.
Have you had issues with your Android phone and bad software? Please share with us. We would like to hear from you.