How to protect against malicious Android apps

This week we’ve been reporting on an increase in cyber attacks, with the focus being on phishing scams, many of which have been preying on people’s fears over the coronavirus pandemic.

But there are many more dangers out there, especially for smartphone users – our phones have become such an integral part of our everyday lives that it’s easy to forget they’re a piece of tech that’s as vulnerable as any other where hackers are concerned.

And if you’re an Android user, it seems you could be at greater risk than your peers on Apple.

There are potentially hundreds of malicious apps lurking in the Play Store, and although not a massive number when you consider the tens of thousands of apps available, you still have to be vigilant when downloading software to any device.

If you’ve recently downloaded Whatsapp, the instant messaging service, from the Google Play Store, you may have inadvertently let some malware loose on your system. If this is the case, you need to delete the imitation app immediately.

What’s the fake Whatsapp app?

‘Update Whatsapp Messenger’ is a fake version of Whatsapp that contains adverts and can download software to users’ devices. The hackers behind the fake app managed to make it look like it had been developed by ‘Whatsapp Inc’ – the developers of the genuine Whatsapp app – by using the exact name, but replacing the space with a special character that looks like a space.

This slight change would have been easy to miss, and the fake app was downloaded by more than a million Android users before being taken off the Play Store. If you’ve downloaded the fake app, you should delete it immediately.

Whatsapp has confirmed that anyone receiving updates from the real Whatsapp app would not have been affected.

Google Play’s Malware problem

Malicious app software is a big problem for the Android platform, and this Whatsapp scam isn’t the first time Google has had to take action against fake apps. One notable recent scam involved a program that disguised itself as a battery monitor, but once downloaded would send premium-rate text messages from users’ phones.

How do malicious Android apps work?

Malicious apps are developed to look like legitimate and helpful applications, but are loaded with malware known as ‘Dresscode’, which is designed to access networks, steal data, instigate DDoS attacks, and carry out spam messaging campaigns – this often happens when you open an infected direct message on social media, only to find you are then spamming everyone’s timeline and inbox with information on slimming pills, or something similar.

Dresscode can also pose a threat to your home or work network – if your device is infected and you connect to a network via a router with a weak password, it can potentially override the security and infect other devices also on that network.

How to protect against malicious Android apps

Only download from trusted sources

It’s easier said than done, given how adept scammers are at making their malicious apps look legitimate, but always be vigilant when downloading anything, and only ever download from trusted sources.

Many people don’t exercise the same caution when downloading apps that they do when downloading programs to their home computer, but the dangers are just as real.

So, to try and reduce the risk, read the reviews and check the feedback score – if a highly rated app has very few written reviews, think twice about downloading it as the score might have been manipulated.

Then take a look at the app description and keep an eye out for spelling mistakes, grammar issues, or a slight re-working of the app or developer name, any of which can help you spot a dodgy app – remember, any changes can be really subtle, as in the case of the Whatsapp example above, so keep a keen eye out.

If anything doesn’t look right, or seems too good to be true, don’t download it.
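The developer-name trick described in the Whatsapp section, and the "slight re-working of the developer name" check above, can be automated. The following is an added example, not code from Google or Whatsapp: it flags characters that look like a space (or like nothing at all) and tells an exact name match from a look-alike. The trusted name uses this article's spelling, and the sample names and the no-break space character are constructed for illustration.

```python
import unicodedata

# Assumption: the publisher name you trust, typed in plain ASCII
# (spelled here as it appears in the article).
TRUSTED_DEVELOPER = "Whatsapp Inc"


def suspicious_characters(name):
    """List (index, code point, Unicode name) for every character that renders
    as a space or as nothing, but is not the ordinary ASCII space."""
    found = []
    for i, ch in enumerate(name):
        cat = unicodedata.category(ch)
        # Zs = space separators (no-break space, en space, ...)
        # Cf = invisible format characters (zero-width space, ...)
        # Cc = control characters
        if (cat == "Zs" and ch != " ") or cat in ("Cf", "Cc"):
            found.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return found


def skeleton(name):
    """Reduce a name to a comparable form: compatibility-normalise, drop
    invisible format characters, collapse whitespace, ignore case."""
    text = unicodedata.normalize("NFKC", name)
    text = "".join(c for c in text if unicodedata.category(c) != "Cf")
    return " ".join(text.split()).casefold()


def classify_developer(listed, trusted=TRUSTED_DEVELOPER):
    """'match' if identical character for character, 'lookalike' if it only
    appears identical on screen, otherwise 'different'."""
    if listed == trusted:
        return "match"
    if skeleton(listed) == skeleton(trusted):
        return "lookalike"
    return "different"


if __name__ == "__main__":
    # Constructed sample listings; \u00a0 is a no-break space.
    for listed in ["Whatsapp Inc", "Whatsapp\u00a0Inc", "Battery Tools Ltd"]:
        print(repr(listed), classify_developer(listed), suspicious_characters(listed))
```

A "lookalike" result is the case to treat as hostile: the name reads the same on screen but is a different string, so it belongs to a different developer account.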

Use mobile security software

Simply being clued-up about the dangers of malicious apps is a good start, but it’s also worth installing additional mobile security software on your Android device, as this will detect, stop and report the malware before it can spread to your device and others.

Norton Mobile Security and BitDefender are two good examples.

Has your Android device ever been hit by malware? Leave a comment to let us know what happened and how you solved the problem.