Android devices aren’t fully secure. The reason is deeply embedded in the business model of Android phone vendors. While Google regularly delivers security updates for Android OS, vendors are often late with updates. This practice leaves millions of phones exposed to security threats.
Not even an IT giant such as Google can completely protect Android users from cyber attacks. In fact, there were 3 major security threats in the past. Let’s see what Android malware was recently discovered.
Password-stealing Malware on the Google Play Store
This June, Android users who downloaded and installed any one of a number of apps from the Google Play Store were exposed to a major security threat. A cybercrime group already known to officials had uploaded banking malware to the Google Play Store.
The malware in question is Anubis, named after the ancient Egyptian god of the dead. The malware is infamous for its capabilities, which include stealing login credentials for payment cards, banking apps, and e-wallets.
Anubis was hidden in all sort of apps. Experts have found it in apps that allow users to monitor livestock marketing in real-time, and even some online shopping apps were infected.
Fortunately, the experts at IBM X-Force identified the threat before it could wreak havoc and cause serious harm. According to them, the malware creators invested a lot of resources and time to create sophisticated malware that could bypass Google’s wardens undetected.
A Banking Trojan, A Keylogger and Ransomware
Another type of malware was discovered in June this year as well. It was very similar to the Anubis malware we’ve already discussed, but it also had another nasty feature attached to it – ransomware. It could encrypt your data and render both your phone and data unusable.
This time, we have the security researchers at ThreatFabric to thank for catching the malware. The malware was launched as an updated version of the infamous Lokibot, but it didn’t escape ThreatFabric’s watchful eyes.
This new Lokibot had some bonus features that called for a new name for this malware. Therefore, the researchers called it the MysteryBot.
Upon closer inspection, the researchers discovered that both LokiBot and MysteryBot share the same command and control server. This suggests that both of these malware apps were developed by the same group of people.
MysteryBot had some features that allow attackers to do all sorts of things with the victims’ phones. For instance, the hacker can take full control of the infected device, read SMS messages, go through the victim’s contact list, and so on.
See also: Android is the least secure mobile platform — Nokia Threat Intelligence Report
The researchers also found features that were not active yet, which suggests that MysteryBot is still being developed. These features include starting and closing applications and stealing emails.
MysteryBot can also encrypt personal files and put them in password-protected archives. Users would then ostensibly have to regain access to their files by paying the hackers a ransom.
Fortnite Bypasses Google as Security Gatekeeper
Fortnite is a very popular battle royale FPS game, so it’s no surprise that Fortnite’s developers decided to enter the mobile market. What surprised us is how they did it – by launching their own Android Fortnite app and bypassing the Google Play Store.
The game is already available on a number of platforms. Besides PC, gamers can try it on home consoles and iOS devices. However, the firm behind the game, Epic Games, decided not to go through the official Google channels to launch their Android app. Instead, they host the app for download themselves. This presents a huge risk for Fortnite players who can easily become the victims of numerous malware infections.
The Google Play Store implements different app screening methods to protect Android users from getting infected by malicious software. By deciding to bypass Google as a security gatekeeper, Epic Games directly undermined the general security of the Android ecosystem.
This was a little round-up of recently discovered Android malware. It’s more than obvious that there is a long way ahead of us before we can feel completely safe using our Android devices and downloading apps from the Google Play Store.
To stay protected online and minimize the risk of your data ending up in the wrong hands, you can still use VPNs. Thanks to the multiple security layers implemented by VPNs, users of Android devices can enjoy a safer online experience and stay away from the prying eyes of cybercriminals.