TEHRAN (Press Shia) – Android users are being warned about a dangerous new threat, with security experts cautioning tablet and smartphone owners about the risk from a number of popular apps.
Android owners need to be aware of the apps they’re downloading onto their smartphones or tablet at this festive time of year, security experts have warned. The latest alert comes after a flurry of worrying reports over the last few months with some leaving Android fans open to online attacks.
These warnings include malware that could reinstall itself behind your back whenever you tried to delete it, a dangerous vulnerability that tricked users into entering their bank details into a fake login screen, as well as dozens of apps from the Play Store laced with malware, Express reported.
However, there’s now a new warning and it’s vital that fans pay attention over the festive period. It seems that with Christmas just around the corner, cybercriminals are using the festivities to mount an attack on unsuspecting Android users.
According to the team at Barracuda security, there have a been a number of Christmas-themed apps released which are intent on making mischief on your mobile – from using your handset to generate money for criminals by packing your screen with invasive adverts, to quietly scanning through every text message you’ve sent from your phone.
Using Barracuda Advanced Threat Protection (ATP), the research team scanned and analyzed more than 4,200 Android apps related to the holiday season, including shopping apps, Santa video chat, and holiday-themed games.
Of those checked, 35 contained adware – a technique that displays more invasive and potentially malicious advertisements than standard ad-supported apps. 165 apps had excessive or dangerous combinations of permissions, and seven were found to exhibit malicious behavior, like replacing the app with a version downloaded from the Internet via a command-and-control server.
Some of the apps were even discovered to be granting the ability to read your text messages. This could then be leveraged to intercept multi-factor authentication tokens.
Similarly, granting the ability to send SMS messages could be used to send spam or phishing campaigns from your device.
It’s unclear where the apps were distributed as there is no mention in the research about the software originating from the Google Play Store.
But it once again goes to prove that smartphone owners should always check before installing anything onto their phones. To help Android owners stay safe, Barracuda has revealed their top tips for keeping devices free from security threats.
These include: Be diligent and avoid getting more than you bargained for when downloading holiday-themed apps by following these cybersecurity tips:
Check the reputation of every application you download — Look at user reviews (or lack thereof) and how long the app has been around. Be aware of the permissions you’re granting, especially suspicious ones that can put your personal data and contacts at risk, regardless of whether the app itself is malicious. Consider whether granting the permissions make sense based on the nature of the app. For example, a shopping app shouldn’t generally require the ability to read or write text messages or access your phone. Likewise, most simple games shouldn’t require any permissions at all.
Look before you click — Follow standard precautions when viewing email, clicking a link, or going to a website. Check the sender and URLs in emails to be sure they are legitimate. Be sure the website address is correct in the URL bar. Look for irregularities in the layout of frequently-visited sites after clicking links to them.