It is well known that there are all kinds of malware out there, and security has become now more important than ever. To help you protect your Android device from such malware, Sophos has comprised a list of common Android malware types. According to Sophos' findings, cracked apps account for a significant portion of the Android malware ecosystem.
The security firm examined statistics collected from users who have installed the Sophos Mobile Security app and identified five main types of malware currently compromising Android devices, wrote Graham Cluley, senior security consultant at Sophos, in a company blog post. Sophos collected data from Android devices in over 118 countries.
Securing your smartphone or tablet is of utmost importance, because malicious attacks can not only harm your device, but can gain access to sensitive data and control the device remotely. Google has always been careful about malware and, so far, has reacted promptly in removing any malicious app from its Google Play marketplace. Moreover, the search giant introduced "Bouncer" back in February, a scanning service designed to identify and block malicious apps on the market. Some apps, however, can still slip past the scanning service, and users can download potentially harmful apps from many alternative markets. "It's quite clear that Android malware is a growing problem," wrote Cluley.
Top Five Android Malware
Despite the rather large number of apps snooping on SMS messages and transmitting data back to a command and control server, Sophos' findings reveal that the most common type of malware affecting Android devices are the cracked apps users download without considering potential security risks.
The Andr/PJApps-C type of Android malware consists of apps that have been cracked using a publicly available tool, Cluley wrote. Most commonly, according to Sophos, these are paid apps that have been hacked and made available for free. While such cracked apps are not necessarily malicious, most likely they are illegal.
Andr/BBridge-A is another common type of malware, using a privilege escalation exploit in order to download and install additional applications onto the compromised device. Basebridge uses HTTP to communicate with a central server and transmit personal information that may be identifiable, and it can also send and read text messages.
"These malicious apps can send and read SMS messages, potentially costing you money," warned Cluley. "In fact, it can even scan your incoming SMS messages and automatically remove warnings that you are being charged a fee for using premium rate services it has signed you up for."
The Andr/BatteryD-A type of malicious app promises to extend the battery life of your device, but instead it communicates with a server and sends potentially identifiable information through HTTP. It also "aggressively displays adverts," wrote the analyst.
Andr/Generic-S is a generic category that includes apps which use privilege escalation exploits and aggressive adware such as Android Plankton and its variations.
Lastly, Andr/DrSheep-A is the fifth of the most common Android malicious apps. It is the Android equivalent to Firesheep, Mozilla Firefox' plug-in that can be used to hijack Twitter, LinkedIn, and Facebook sessions in a wireless network environment.
To make sure your device is safe from such malicious attacks, always download apps from authorized sources only, be safe when browsing online, scan apps that you install and avoid apps that ask for excessive permissions. There are many potential harmful applications in the wild, and it is recommended to install a security app as soon as possible. The Sophos Mobile Security app is available for free on Google Play.
