Applications that close by themselves, intrusive advertising where it is not usual, strange menus where they did not appear before, excessive battery consumption… These are just some of the signs that our mobile has a virus . And far from what it may seem, Android malware is still the order of the day .
Although it is true that we now know more protection measures and that Google itself integrates its own mechanisms for this, it is no less worrying. Therefore, knowing the types of malware is essential to avoid them , especially if we know how it enters our system. We will talk precisely about this in this post
What is malware and which are the most common on Android
Malware , also popularly known as a virus when we talk about computer environments , comes to be the union of the English words malicious and software . Pulling from pure translation, it would literally be malicious software .
In Android, as in other IT systems such as computers, there are many types of malware . However, in order not to perpetuate the list and to be more practical, we will see the ones that appear more frequently and that tend to be more problematic.
trojan
Surely you have heard this term on more than one occasion. And they are the most common. Malicious files that are hidden in an apparently legitimate app are known as Trojans . Not surprisingly, its name comes from the story of The Trojan Horse , appearing to be a reliable tool for us to install and then hide inside the malicious elements that attack the mobile.
Its purposes can be diverse, being able to attack the operating system to render the device unusable. Although they can also be the element that serves as a key to open the door to other malware .
As we already said, these are not files that are downloaded consciously or indicated anywhere. They usually appear in APKs of doubtful trust and, although on a smaller scale, also in Google Play. However, Google tries to implement security filters that prevent it from entering the app store and, if one sneaks in, they try to remove the app as quickly as possible.
Spyware
In a way , it could be considered a type of Trojan , since it is also not installed carefully and appears hidden among the files of an app. Some are as difficult to locate as the Pegasus spyware , one of the most well-known and recent ones that attacked governments such as Spain.
Precisely this recent case is key to knowing that its victims are usually people of great importance to public life . Rulers and other politicians, reputable journalists, as well as actors and other famous people.
As their name suggests, they are used to spy on everything on the device . From the files it contains to the actions carried out by the victim, including at this last point his call log, SMS, WhatsApp messages, browsing history… In short, everything.
Adware
Advertising is one of the sectors that generate the most money. And on many occasions, there are applications that skip the operating rules imposed by Google to offer advertising in places that are not allowed and always without the user’s consent.
Normally they also occur in third-party APKs, although there are recent and curious cases such as the 16 apps discovered by McAfee in October . These were dressed up on Google Play as handy tools for cleaning up files, editing photos, and more. However, they added advertising in the background that not even the user saw, although they did click on them, thus reporting an economic benefit to the developer. These, luckily, were removed from Google Play.
Ransomware
In addition to the fact that this type of malware is usually more common on computers and is aimed at victims with a high-ranking profile such as spyware, the truth is that it can also occur on mobile phones. Basically it is about hijacking all the data that is stored.
The objective of the cybercriminals who launch these attacks is none other than to ask for money in exchange for the release of the data . That is, they access the content of the mobile, disable access to it by the user and only by paying the amount of money requested can they be recovered.
As we already said, they are usually directed at companies that store a lot of sensitive information . The infection method is usually the same as in previous cases: apparently trustworthy apps, sneaking malware in the form of a Trojan.
Botnets
This type of malware does not require the user to install anything on their terminal. They are usually collective attacks through the network , thereby affecting all the devices that are connected to the same WiFi or network.
It can also have different objectives . From the “simple” mass sending of spam to DDoS attacks, including the spread of any other type of malware.
Other common Android malware
Although we cannot classify them as malware, we can find scams by SMS and calls that ultimately arrive through the mobile and can compromise the money in your bank account.
In short, it is about phishing and its variants , this being the term used to define an attempt to usurp the identity of another person, company or public entity. They usually pretend to be a bank warning of an unauthorized payment or some courier service asking for a shipping fee and the like.
After all, all these messages have in common the addition of a link to a malicious website . A page that apparently may seem like that of the usurped entity, but in the end it is an imitation that only wants you to enter your bank access credentials or your payment information.
And in the same way it happens with call scams . Sometimes they use the same tactic of pretending to be a bank or they resort to the well-known vishing of the double call scam , in which they pretend to be your telephone operator, raising the price and then make another call pretending to be another cheaper company and get hold of your payment details.
How to prevent the entry of malware on the mobile
We have already seen the most common viruses and now it is time to review the most common ways that your mobile becomes infected , so that you can avoid its entry into the system .
- Third-party apps:Normally nothing will happen if you download an APK from the Internet , but always try to do it from trusted repositories and run an antivirus on the downloaded file. If they are from Google Play, check the reviews and number of downloads to check their reliability.
- Permissions:there are three permissions that can lead to the entry of malware , which are accessibility, reading SMS and notifications. Be careful which apps you grant these permissions to and, unless it is vitally important that they have it and they are trusted, do not give it to them.
- Conditions of use:although it cannot be specified in the conditions of a service that it includes malware, it could be warning that they are going to make strange use of your data. See as a recent example that of the spy apps that Qatar asks to enter the country’s premises.
- Antivirus:they are effective, but not infallible. It never hurts to have one installed on your mobile, especially knowing that there are free antiviruses for Android with a very good reputation. However, they are not always capable of detecting malware, and they can create a false sense of security.
- Wi-Fi connection:Avoid connecting to untrusted Wi-Fi networks. And if you have no choice but to do it, try to do it with a VPN that acts as a bridge and allows you to have more private and secure browsing.
- Web pages:avoid entering pages that are not trusted, especially those that leave the ‘https’ protocol. If there is also a previous alert from your Internet operator warning you, do not ignore it unless you are sure. In the same way, do not click on doubtful links that you receive by SMS or email.
- Attachments:whether by email, SMS or any other means, try not to download and store photos, videos and other files that you receive if they are not secure files and that you have received from a trusted person or entity.
- Cleaning:try to keep your phone internally clean of junk files. There are several very good Android cleaners , although Google’s own, called Google Files , might suffice .
How to remove malware on Android
If you have already detected that your device is infected, you should know that there is no more accurate method to remove Android viruses than to completely format the phone , as excessive as it sounds. And it is the best way to remove all infected files.
Of course, it is important that it be a complete restoration and that after that you do not load any backup . And it is that, as useful as it is to have a backup of your data , it could drag malicious files with it.
Similarly, a piece of advice to keep in mind is to change all the passwords for applications and services that you had on your mobile at the time the malware was detected. That way you will block access to cybercriminals, if they had managed to obtain it. And, if possible, try to make the new one a strong password (long, mixing characters, different for each account, etc.).
