A while back we did a story on why mobile security is so crucial for Android smartphones and tablets. At the time, hundreds of curious clickers had fallen victim to the DroidDream Trojan (and more recently the DroidKungFu Trojan), which gains access to your private information and sends it to the bad guys.
The topic is constantly on our minds, especially following the report that Americans are now spending more time with mobile apps than they do online. (Yes, you read that correctly, and it bears repeating: Americans are now spending more time with mobile apps than they do online.) The report also found that "47% of mobile app usage in May was game-related," so it's no surprise that some cybercriminals, who are also following mobile trends, have been turning their attention to the gaming app realm, or in this case—yes, we're all sick of hearing the name—Angry Birds.
In June, Threat Research Analysts Armando Orozco and Andrew Brandt took a closer look at a piece of mobile app-related malware that was originally discovered by North Carolina State University researcher, Xuxian Jiang.
The malicious code, dubbed by the author as Plankton, was embedded with the following Android apps: Angry Birds Rio Unlocker v1.0, Angry Birds Multi User v1.00 and Angry Birds Cheater Trainer Helper V2.0. Apparently the malware writer knew that some Angry Birds enthusiasts would lick their chops at such tantalizing titles.
What they found was that—unlike other recent malicious apps—these Android Trojans don't obtain root, or administrative, access to the operating system. "Instead, the remote commands simply give an unknown criminal access to what some may consider sensitive data on the phone, including the browser history, bookmarks, and homepage settings in the built-in Android browser," said Brandt.
While the direct motivation for stealing this data is not yet known (the app developer is still anonymous at the moment), we can expect that more and more apps will make use of Google's open architecture, as well as our insatiable appetite for the latest and greatest mobile apps.
Our threat research team says that Android users can protect themselves by using a little common sense when they download apps: Does the app sound like what it promises to do is too good to be true? Does it ask for all kinds of permissions that it shouldn't need to fulfill its mission? If it does, you might as well pass on downloading.
You can also lower your chances of downloading an infected app by sticking to the official Android Market or to legitimate sources like Amazon. But here's one important caveat: While most Android apps are safe, there is a small but rising number of apps that are designed by criminals, and it can be nearly impossible to tell the difference. And if you don't want to wait for Google to correct the problem after you or others have already been infected, you might want to download a mobile security app that scans every app before it's downloaded.
For up-to-date info on more annoying threats like the ones we've mentioned in this article, please visit our threat blog, http://www.webroot.com/blog/.
By Alex Fairbanks