A malware package, potentially created in the Far East, is estimated to have generated over £230K in paid revenues. The revenue generation occurs through fraudulent adverts appearing in apps for products and services.
The software is thought to be running on approximately 10 million Android devices, ranging from phones to tablets.
One known malware package, called Hummingbird, is believed to infect 63000 devices each day with new features, by the author, creating new mechanisms for it to propagate across the globe. The software is delivered via infected social media apps and can even survive a factory reset – making it extremely difficult to remove. But how can you protect yourself?
You can protect yourself from such apps by either not installing them, instead using the web based portals for access to these services, or by ensuring you only download apps from the source of the service. The Android App Store has been caught out before with a number of dubious apps getting through the scanning process, but if all else fails that would also be a safer place to download apps rather than through alternative sites, links or via emails.
The other thing to consider is what permissions an app should:-
- Ask for access to…– ask yourself “why does this app need access to ….”
- Say it needs – ask yourself “why does this app need access to”
If it looks odd, it may well be! Remember people often forget quite quickly what they have granted access to, particularly if you are a frequent app user.