Android apps that are not downloaded from the Play Store are all potential malware, and all users are advised not to download third party apps. In case you need to download third party apps, you need to install the extra layer of anti-virus to protect your Android. Researchers have shown, though, that most of these anti-virus apps are hardly foolproof.
Scientists from the Georgia Institute of Technology analysed 58 of the anti virus apps that could be downloaded from the Play Store and most of these were found to be not up to the mark as far as securing Android devices against modern day malware devices. The analysis for the study was published last month. Google is also set to incorporate its new artificial intelligence based security tool Play Protect and this feature will be a part of Android’s new software update Oreo 8.0.
The Play Protect tool will monitor your phone as well as the play store for malicious apps. At the same time, Android users are also expected to be more vigilant against malware, including while browsing online or downloading anything from the internet. Some of the new malware that might be the next thing to crash your phone, masquerading as a benign webpage, app or media content, may be one of the following:.
Sonic Spy
The dangerous piece of malware code has the ability to record conversations using the microphone on your device and also snap pictures using the front camera. All this process could be done without the user’s knowledge. The malware can also leak personal information like call logs, messages, contacts as well as Wi Fi access points. Since being found for the first time in August, Sonic Spy has been found in about a 1000 apps and quite a few of them were on the Google Play Store itself.
The messaging app Soniac was the most recent version of the malicious code and was published by a Play Store account by the name of iraqwebservice. Third party sources should not be used to download apps or files on your Android, and this can be done by going to Settings and then Security, where you will find the option to turn off unknown sources.
Faketoken
This malware primarily targets banking applications, and has recently made the rounds again after a brief lull. It was first found in 2016, and basically lets attackers gain access to sensitive data through ride sharing apps in its most recent avatar. The Kaspersky Lab reports that the malware gets into the user’s smartphone via text messages that ask the users to download some pictures. If the user does decide to download those photos, the malware installs itself on the phone and then proceeds to clone the UI of ride sharing apps with a fake one of its own.
Ride sharing apps are not inherently risky, but users do share their credit and debit details freely on these apps and that has made them a target for malware developers. Once users share details on the fake apps, the malware sends the information to the hackers. This malware can be simply avoided by not downloading pictures advertised via SMS.
Invisible man
This malware has been restricted to countries in Europe such as Germany and France, and has appeared to target mobile banking apps in particular. The malware was first detected by the Moscow based Kaspersky Labs. If the app is installed, it will fool the user into giving permission to accessibility services which in turn give the malware authority over other apps. This can lead to the catastrophic scenario where a keylogger can acquire permission over your banking app. When the user types in the login details oh his or her bank account, the keylogger can capture it and send it back to the hackers. The malware is disguised as a flash player download, which makes the users usually unsuspicious, as flash players are still required to run many websites, online videos and games on Android. The way to circumvent this is to always download flash players from original sources and then go back to the website that needs it.