Do you control your smartphone?

July 20, 2017 Corporate Blog

There is a lot of uncertainty with regard to viruses on mobile phones and tablets. Malicious software for mobile devices takes different forms, from stealing your credit card details to extorting money for not publishing your photos or location history to public sources. In line with that, numerous well-known antivirus companies have released multiple products for mobile security. Let’s try to get to the heart of the matter and see the real state of things.

To begin with, it is worth remembering that there are people who regard mobile antivirus software as a fraud. In 2014, Adrian Ludwig, the lead engineer for Android security at Google, repeated this idea.

Though we didn’t find similar claims from Apple, in March 2015 they simply expelled antivirus software from the iOS AppStore (see the reports from 9to5Mac and The Register), which proves their confidence in the strength of iOS and the uselessness of mobile antivirus software.

It seems quite logical that every manufacturer praises the products they sell, but we can’t always take their word for it – recall the stories about people billed for text messages they never sent.

So, what is a mobile virus, and how can it trick a mobile OS’s numerous security barriers and get inside?

A computer virus is a type of malicious software program (“malware”) that, when executed, replicates itself by modifying other computer programs and inserting its own code. The definition sheds some light on the point, though it is still not clear how a virus spreads.

In fact, there are several options.

  1. Vulnerabilities in mobile operating systems.

Steve McConnell, the author of the book “Code Complete,” says that the industry average is about 10-20 defects per 1000 lines of code. Keeping in mind that Android 4.0 had over 1,000,000 lines of code, you can imagine how many defects are still undiscovered. These defects could be easily exploited by hackers to take control of the system. The usual way to exploit vulnerabilities is to direct the victim to an infected website or send them a file which is disguised as a picture or document. Keep this in mind and stay away from such sites and files.

  2. Malicious applications from trusted sources.

Both Android and iOS devices have stores to download apps from. All apps in the stores are automatically reviewed for the presence of malicious code. It means that if users don’t use 3rd party software repositories they’ll be safe. Sounds reasonable. Still, some hidden backdoors remain:

  • Very sophisticated code can trick the stores’ built-in malware checkers;
  • An app from the store could be free of malicious code at the moment when a user installed it, but it can download the malicious part later;
  • In a corporate environment, you can get an application directly from your company. These applications are never submitted to the stores and thus bypass the checks.

  3. Malicious applications from untrusted sources.

As follows from the previous section, even official stores aren’t fully protected from malware. But using 3rd party repositories is much more dangerous. For example, iOS doesn’t let you install apps from any source except its official App Store. The only way to remove this limitation is by jailbreaking.

Needless to say, you never know what comes with the crack. However, unchecked and cracked apps can be more dangerous than relatively harmless malware which works under a common iOS security model.

  4. Untrusted networks.

Have you ever wondered why you sometimes get warned before connecting to open Wi-Fi networks? As follows from the word “open”, traffic between you and Wi-Fi hotspots in such networks is not encrypted. With a laptop and a basic skillset, anyone sitting at the next table can read everything which goes in and out of the phone. It doesn’t make the phone vulnerable directly but could potentially reveal passwords, thus making it easier to inject malware into the user’s personal accounts on the web.

  5. Malicious hardware.

At a Black Hat conference in July 2013, three hackers presented a device which they called “Mactans” – a small computer that looked like a common charger. As soon as you plug your iPhone into it to refill the battery, it starts to crack it. Mactans needs about a minute to replace the Facebook application with the crafted one which can take screenshots and simulate screen touch events as well as hardware button presses. Though the vulnerability was quickly patched by Apple, Mactans clearly proved the idea that your phone can be hijacked if you use chargers in public places or simply leave it unattended.

Is there a way out? Yes, install an antivirus solution. Not a silver bullet, but definitely a way out. The list of some popular and reliable antivirus solutions offered by famous security providers includes the following names: Avast, AVG, Avira, Bitdefender, McAfee, Kaspersky, Sophos, Norton, Trend Micro.

Despite boastful and self-confident declarations of mobile OS manufacturers, it’s clear that the threat of malware should not be underestimated. No one knows how many vulnerabilities in the mobile OSs remain undisclosed and are exploited by intruders and governments. Therefore, take a look and bookmark this list of simple recommendations to follow for your safety:

  • Never install applications from untrusted sources;
  • Don’t click on suspicious links even if they’ve come from your friends. Remember that their accounts could’ve been hijacked to distribute malware;
  • Avoid applications from unknown publishers with low counts of downloads;
  • Carefully read which permissions an application is asking for. If a calculator wants to have access to your contacts, camera and microphone, you should probably avoid it;
  • Don’t root or jailbreak your phone;
  • Protect it with a PIN, a password or a fingerprint;
  • Don’t leave it unattended;
  • Avoid using untrusted networks.

These simple though sensible precautions help to protect your devices.
