The Android OS is in the news for all the wrong reasons. Cyber criminals are targeting this OS, slipping in malware through poisoned mobile applications. Almost 50% of all Android phones in the US are infected with malware, and once malware strikes, the odds are the phone being used to send spam SMS or becoming part of a botnet. This is in addition to the very real possibility of data-theft of any information stored in the phone, or of any transaction undertaken through the phone browsers.
The root cause for such as influx of malware is carriers not delivering patch updates in time. Google has made available Android OS in open source, allowing Android developers to use it in devices for free. This good gesture has now turned counterproductive in that the company has no control over the OS used by the device manufacturers. Thus, even when Google remains relatively prompt in issuing patch updates whenever a vulnerability surfaces, device vendors rarely pass it on to the customers. As such, most Android devices are two to three years behind in updates, and have vulnerabilities that cyber criminals happily exploit.
Considering the fact that even when vulnerabilities exists, it requires the user downloading something malicious or at least visiting a malicious site before the attackers can exploit the vulnerability, the best way to avoid Android’s malware influx is to avoid downloading dodgy mobile applications.
The obvious solution may seem to download apps only from the official Google Play store. But even this may not be fool-proof. German researchers from Hannover’s Leibniz University and Marburg’s Philipps University have unearthed 41 malicious apps in the Google Play Store itself. Each of these apps has the potential to leak sensitive data. Google had launched a Bouncer service in 2012 to eject malicious apps from the play store, but apparently ingenious cyber criminals have worked a way out to evade these bouncers. Downloading only popular apps, those that feature in the top pages, and with hundreds of positive reviews, offers a modicum of safety.
The safe browsing habits applicable to desktops apply to Android smartphones as well. Cyber criminals are always on the lookout to slip in Trojan and other malware when users visit untrusted sites or respond to phishing emails. The golden rule is to never browse your way into an unknown site or respond to an unsolicited email.
The next best approach to exercising caution is to install a good anti-malware suite that would detect and block malware, even if it happens to sneak in. The mobile anti-malware market is not as matured or diversified as its desktop counterpart, but there do exist some good protecting suites catering to Android phones.
A good antimalware suite not only detects, clean and deletes malicious apps and scripts, but also offers built-in protection that blocks the loading of malicious websites. They would also have strong anti spam filters that extends to SMS, and privacy advisor that would recommend whether to allow the mobile applications the permission they seek out. Most anti-malware suites also offer add on services such as anti-theft protection, remote wipe, App, blocking Call and SMS filtering, and more.
Among the top free security suite for Android is Avast! Mobile Security. This suite scores for its coverage of every possible security concern.
Another good option is the Zoner Antivirus, which compensates for its relative lack of functionality by offering a more robust threat filtering service.
Sophos Security is yet another good option. This suite is noted for adopting cloud scans rather than resorting to virus definition updates, meaning that it is more likely to catch the most latest of threats compared to other suites.
Dr Web Antivirus Light offers a similar real time protection.
Lookout Mobile Security has the reputation of having developed the first anti-malware suite for the Android platform, and as such, draws upon its experience to offer robust security.
A few good security suites work differently from conventional anti-malware as well. For instance, Duo Security’s X-Ray app unearths known flaws in the OS, making the user aware of the need to upload a patch as soon as possible.