Android Malware Disguised As Security Apps

Every day, I review security announcements on the internet, and what I’m seeing lately is a lot of alerts for fake Android apps. A simple Google search gives me a disturbing 145,000 results. The latest threat that I picked up and passed on to my social media connections is called SandroRat.

SandroRat is a variant of the AndroRat malware which came into being when the criminal who created the original malware put the source code up for sale on criminal forums!

Mobile devices, in particular smartphones, are now mainstream; most people who have them, can’t do without them. Pew Research reports 58% of American adults who have cell phones own a smartphone. To put that number into perspective, Pew states that 90% of adults in the U.S. have cell phones.

Why is Android so vulnerable to malware?

Android is a Google product and they decided to open the platform to all developers, giving users a vast database of apps. It’s no secret that apps are what makes the smartphone so darn useful — and, at the same time, more vulnerable.

By opening up their platform and increasing the number of apps available, Google was able to overtake Apple in the war for control of the mobile phone market. A lot of money is up for grabs.

How does mobile malware get to user phones?

There are a few ways:

  1. It is very inexpensive for Android developers to offer their apps for sale on legitimate app stores. This easy entry point into the market makes it cheap for criminals to upload fake security apps and offer them to the public.
  2. According to Trend Micro, criminals can also modify an existing legitimate app, add infectious code, then upload the “weaponized” program back to the app store.
  3. Phishing attacks are also a very useful way of spreading malicious code. Emails, seemingly from legitimate sources, are sent to millions of mobile users where they offer free security protection. Once a user clicks on the link from their phone, the code delivers the infected payload.

What can you do to protect yourself?

  1. Make sure that you download apps only from trusted sources. Do not download apps from emails you receive!
  2. Before downloading any app, investigate what data the app wants access to and decide whether it is reasonable given the app’s function. If you’re unsure, don’t install it.
  3. Use a good mobile anti-virus program on your smartphone, such as Avast! Free Mobile Security.

XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Cloud & Hosted Services, Backup/Disaster Recovery, and Software Development. Call us at (845) 362-9675 and see how we can help your company.