Malware May Be Lurking on Your Smartphone

The Google Play Store is full of great apps to keep you connected and productive—but something dangerous may be hitching a ride when you download a new app. That’s right: developers have figured out a way to sneak malware into the Google Play Store, and ultimately onto your Android phone or tablet.

Using a crafty code known as “droppers,” app developers hide malware code deep within apps and proceed to attack Android devices in stages. If your phone or tablet is suddenly slow, riddled with pesky pop-ups, or using too much data, you may be the latest victim.

How to detect droppers and protect your device

Droppers are essentially a bait and switch situation: you think you’re getting one thing but wind up getting something entirely different. They’ve been around for years on desktop computers, but now they’re effectively targeting smartphones—most of which don’t use antivirus software.

The original coding of a dropper isn’t meant to cause any harm. Rather, it’s merely a way to gain access so that future downloads can drop harmful malware into your device. Since that original code isn’t threatening, it often passes Google’s security tests when submitted to the Play Store.

Some coders sneakily slap on an additional layer of sophistication, like a timer that will execute the malware in stages based on permissions or usage. Don’t despair, though. You can still save your smartphone. Here are some ways to protect yourself:Do some research on the developer to make sure they’re legitimate and reputable.

• Read the app’s reviews carefully. Remember that developers can buy good reviews, so pay particular attention to any negative ones.
• Read the permissions before you initiate the download. Don’t download an app that asks for permissions you’re not comfortable granting.
• Consider installing a reputable security app to detect threats.

Don’t panic, but stay informed

Cybersecurity firms and researchers have been wise to droppers for quite some time. In fact, research by Avast Threat Labs found that some Android devices actually come pre-installed with these devious droppers.

Needless to say, Google is hard at work finding ways to stop unauthorized attacks on their popular devices. Apple’s App Store puts apps through a much more rigorous testing protocol before making them available for download. The company also prevents iOS apps from downloading, installing, and executing code.

Malware can cause significant damage—and oftentimes, it’s damage your business simply can’t afford. Dropper developers may be smart, but cybersecurity companies like eMazzanti are smarter. We can help keep your devices and data safe through expert consultation, management, and crisis control. Contact us today to learn more.