How bad guys put malware inside your smartphone

How bad guys put malware inside your smartphone

What gadgets store our personal details, keep us in touch with friends and co-workers, provide access to our financial accounts, and even secure our homes? You guessed it right – our smartphones!

Our smartphones have evolved to become the digital portals to our entire lives and due to this larger role, cybercriminals are targeting smartphones more than ever.

Due to their portability, users are connected through their smartphones almost all of the time, making them much more enticing targets than traditional desktop PCs.

One such persistent threat is ad-clicking malware like HummingBad, a type of malicious mobile software that started infecting Android smartphones earlier this year. HummingBad takes root access in an Android device to generate false ad clicks, and in some cases, download unauthorized apps.

How profitable is this scheme? The fake ad clicks and app downloads can generate up to $300,000 worth of revenue per month for its creators.

Although HummingBad is currently being utilized solely for ad revenue generation, it could potentially be more than just that. Since it has root access, it could transfer personal information, spy on the victims or turn the infected devices into botnets. Bad news all around.

How do bad guys do it?

Cybercriminals have a good number of tricks to fool you into downloading mobile malware. Look out, if you’re not too careful, you can be their next victim.

Drive-by downloads

One technique is the drive-by download method, where the victim is directed to a website that hosts the malware in attempts to gain root access to the device. These sketchy websites often look legitimate but they are designed to fool you into installing malware by clicking cleverly disguised links.

Tip: Try using a third-party DNS service like Quad9 to protect your gadget from fake websites, drive-by downloads and misdirects.

Fake updates

A secondary method is via fake system update notifications that grant system-wide authorizations and root access to the malware. Scammers can hide malware under fake Adobe Flash or Android system updates and once installed, they can disable your phone’s security settings.

Tip: Enable Google Play Protect on your Android gadget to get real-time protection against mobile malware. To check if Google Play Protect is on, navigate to Settings >> Google >> Security >> Google Play Protect (may also show up as Verify Apps in some phones) then make sure it’s toggled on.

Unknown sources

Another good practice is to avoid downloading and installing apps from “Unknown Sources.” Only download apps from the official Google Play app store and make sure you check user reviews, too, before installing.

Tip: Here is how to check the setting: Open Settings >> Security >> Unknown Sources. Make sure Unknown Sources is disabled.

How to detect a virus on your Android

So how could you tell that your Android device is infected?

There is no concrete way of telling, but if you suddenly get more ads on your phone, or your data usage has gone up unexpectedly, you may want to check your device. Also, if you notice apps on your phone that you don’t remember installing, that’s another red flag.

For more on how to detect if your Android gadget is infected with malware, check out our guide.

Tags: cybercriminals, Google, malware, security