As Malicious Mobile Apps Propagate Android Keeps Fighting to Combat Malware Infections

Android users have to be careful when they work on downloading new apps, in particular with the recent surge in malware. In many cases adding a third-party, antivirus suite gives more security to Android running devices.

A lot of these antivirus apps are not exactly perfect either though. Researchers from the Georgie Institute of Technology checked out 58 antivirus apps and found out that most of them are coming up short in the race to detect today's malware, with the results being published back in July 2017.

Play Protect, the new AI based security tool by Google, will be implemented into the new Android operating system. It will scan the play store and your phone to identify threats to security and bad apps better. Users can also help through careful browsing habits and avoid when they are looking for new apps. There are a few new malware variants that may hide behind harmless media content, apps and webpages that have been making the rounds:

Sonic Spy Malware

This malware may record conversations on the phone using the microphone, and it may capture photos with the front camera without the user being any the wiser. It may also leak out information such as call logs, text messages, WiFi access points and contacts. According to Lookout, a San Francisco based security company, Sonic Spy was found present in over a thousand apps since its existence was spotted in August 2017. The more recent version of the malware on Google Play was in a messaging app named Soniac, which was in the Play Store from an account called iraqwebservice. Security researchers advise users to avoid files and apps from third-party sources, so they should go to their security settings and disable any unknown sources.

Faketoken malware

Another malware, this time detected back in 2016 aimed at users of banking apps, Faketoken has reappeared again. The last version that is out right now is attacking through ride sharing apps. Kaspersky Lab found out the malware is finding its way onto smartphones via SMS messaging that ask for downloads of photos. Once the user gets fooled into downloading the photo, the malware moves on to install itself on the affected phone, hijacking the user interface of one of the ride-sharing apps with a fake version. The malware is targeting the apps, not because of inherent vulnerabilities, but because the users are more likely to share information on their credit or debit cards via those same apps. Once the details get shared, the malware will intercept them and send them off to the attackers. Users can avoid this from happening by deleting any messages from any unknown users.

Invisible Man malware

This malware is made to target users of mobile banking. It has been so far limited in scope to European countries such as France and Germany. The malware was first spotted by Kaspersky earlier in August 2017. Once it gets installed, it tries to trick its users into giving it full permission and access with authority over other apps. Every time users type something, such as login details on their banking account, the keylogger moves to send that data to the hackers. That gives them full access to the bank account of said user, with nothing to show foul play at first. Users may not even suspect anything since it hides as a flash player download, which is still needed to run a lot of websites, games, and videos on Android. Users should always download Flash from its original website before returning to the website that needs it.