Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to prevent mobile malware in 3 easy steps

Robert Lemos | May 21, 2015
Mobile malware tends to loiter in a few "bad neighborhoods" online that you should stay out of anyway.

"There was a blip here or there, but the reality was that there was nothing of significance to note," he told the press during an April 2015 call.

Third-party app stores carry the most risk
Most malicious software is found in third-party app stores popular in a few countries that are loaded with pirated versions of software or trojanized applications. While Symantec automatically discovered and analyzed 6.3 million mobile apps in 2014, for example, there are only about 1.5 million apps in the Google Play store and fewer than that in the Apple App Store, according to AppFigures, meaning that two-thirds of applications from other sources make up the majority of data.

Paying heed to the data, three simple steps are recommended for North American users.

1. Use an official app store
The official app stores--namely, Google's Play store and Apple's App Store--regularly check uploaded software for malicious behavior. While the checks are automatic and can be fooled, they do act as an initial bar that attackers have to circumvent. The companies will remove programs later found to be malicious as well.

Consumers that load applications to their device only from Google Play, for example, have a 0.1 percent chance of having a potentially harmful application on their device, rather than 0.7 percent for devices that load software from outside of Google.

Loading in applications from other app stores or Web sites, an activity known as sideloading, gives attackers and criminals an opening to install their own code. Many of those app stores do not perform the same security functions as Apple and Google. Russia, for example, is the leader in infected phones, with about 3.75 percent of devices containing a PHA, according to Google's data.

Using apps outside official stores "is a risky behavior," Google's Ludwig says. "Potentially harmful applications are 7 to 10 times more likely to be installed outside of Google Play."

2. Don't jailbreak your phone
Mobile devices come with a lot of built-in security. Using programs to hack the devices to remove the carriers' and manufacturers' restrictions--an activity known as "jailbreaking"--can lead to freer markets, but also undermines much of the security protecting the devices. The ability to keep applications from accessing protected data and to validate applications are both disabled on jailbroken apps.

Finally, users who jailbreak their devices need to rely on their own technical know-how to protect the devices and their data.

3. Update often
Vulnerabilities have historically not led to increased attacks on mobile devices. Apple's iOS had nearly 8 times as many vulnerabilities than Android in 2014, but nearly all malware targets Android, according to Symantec's latest Internet Security Threat Report.


Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.