Drive-by Downloads Now Targeting Android Users

Question

Can my Android smartphone really get a virus from the Internet?

- Joel

Answer

This question was answered on May 3, 2012. Much of the information contained herein may have changed since posting.

The popularity of smartphones combined with the high rate of daily usage has made them an obvious target for malware attacks.

While the relative threat to date has been pretty minimal, you can count on the underworld of the Internet to continue to develop ways to exploit this very desirable sector of Internet connected devices.

In general, the Android platform has been and will continue to be the most likely to be exploited for two reasons: the open architecture and its market share (it’s now #1).

The very thing that attracts many to the Android platform (its lack of restrictions relative to iPhones and Blackberrys), is also what is attracting malicious code writers to the party.

Most existing malware designed to exploit smartphones has either been ‘proof of concept’ applications developed by security firms or very crudely written programs that require the user to download and install an infected app.

For the most part, if you are very careful where you get your apps (i.e Apple’s App Store or Google Play) and don’t ‘jailbreak’ or ‘root’ your phone, which allows you to install apps that have not been approved by the vendor, you can sidestep most of the danger.

Because Android phones can take advantage of ‘sideloading’ apps, which allows the user to install anything they want from any source they want, they can also be exploited in this way.

A recent discovery by Lookout Mobile Security uncovered the age-old exploit used to infect computers called ‘drive-by downloads’ is now being used to attempt to infect Android smartphones.

It’s now technically possible to have an infected program slipped onto your Android smartphone simply by visiting a hacked website that has been rigged with malicious code.

The good news is that it’s fairly rare and still requires you as the user to approve the installation of the app to complete the infection Even if you allow the install, the current Trojan (NotCompatible) doesn’t do any real damage or take advantage of your personal info (yet!)

The bad news is that they figured out how to sneak apps onto your phone just by coaxing you to visit a website and you can count on this being just the beginning of this type of exploit.

It’s still pretty easy to avoid being a victim of this newest exploit by making sure that your Android phone does not allow apps from ‘unknown sources’ to be installed (go to Settings/Applications/Unknown Sources and make sure there is not a checkmark).

If you are in the high-risk category (rooted or jailbroken phone and you install apps from outside sources) you may want to consider installing Lookout’s free security app https://www.mylookout.com/download iPhone or Android).

Lookout watches over several areas of your phone to alert you when suspicious activity is detected.

The downside is that it may also cause some performance issues as it becomes a constantly running overlord in order to protect you from yourself, so only load it if you think you need the extra protection.

This is a fast developing arena that will continue to be targeted by the bad guys, so make sure you keep your smartphone updated (regardless of which platform you are on) and avoid installing any apps that you really don’t need.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on May 3, 2012