Are Your Mobile Apps Infected With Malware? Here’s How to be Sure

Your smartphone is essentially a miniaturised version of a computer, hence, just like any other computer or laptop out there, it is susceptible to a lot of different kinds of malicious software. However, it is becoming tougher to tell if your gadget is compromised. This is intentional, as the creators of malware do not want you to be able to identify and remove intrusive or harmful applications.

So, how serious is the problem, and how can today’s mobile phone users protect themselves from becoming the next victim of a hack or a costly data breach? We reached out to a few industry experts to get the answers.

Biswajit De, Senior Technical Consultant, Trend Micro, agrees that it is a growing issue, claiming that malware-infected apps can easily go unnoticed or mistaken for a legitimate one. To give an example, he spoke about several fraudulent apps that were discovered on the Google Play Store not too long ago, which were found to contain the Android/Trojan virus.HiddenAds.BTGTHB. These viruses managed to bypass all of the application store protection and infect millions of Android users.

Another example would be counterfeit apps, which closely mimic real ones. Many of these have embedded malicious payloads and can be easily confused with legitimate apps. The good news is that these are easier to spot if users pay close attention to the signs (more on that later).

Niel Pandya, CTO & Cybersecurity Lead, APJ, Micro Focus, commented, “We use our smartphones for a range of activities and purposes, from messaging, video conferencing, online banking, social media interactions, to mobile boarding passes, and more. Think about the number of apps we have now compared to a decade ago – it’s probably multiplied significantly. But are all of these apps secure?”

Considering how vulnerable individuals are to having personal information accessible via a single device, Neil stressed that strict standards and guidelines must be in place to help mobile app developers secure apps from threats such as malware. There is a need for regulators to work with popular platforms but also a need for comprehensive coverage. This includes encrypting source code, data in motion, sensitive data, and more. Most importantly, it is crucial for vulnerability testing of the code to be done across all mobile attack vectors.

Android or iOS? Which is More Secure?

Android’s open ecosystem has its advantages but it also makes the operating system more susceptible to fraudulent apps than iOS. According to Biswajit, “As readily available resources to the public, open-source applications are more vulnerable and easily modifiable – making them more challenging to spot.”

Recent research observed that criminal actors have had to grow more imaginative in order to get their malware-laden apps onto Android devices. The same report also discovered that Trojan dropper apps have garnered over 300,000 downloads on Google Play to steal people’s financial information.

For Apple users, you could be thinking, “I have an iPhone; This probably doesn’t concern me.” Well, my readers, I hate to break it up to you but while Apple’s stringent review procedures do make iPhones less susceptible to malware attacks than Android phones, this does not make them immune to all infections.

Kelvin Lim, Director of Sales Engineering (APAC) at Synopsys Software Integrity Group, shares that for Apple products specifically, a common root of malware-infected apps is jailbreaking iPhones. Essentially, jailbreaking exploits the flaws of a locked-down iPhone to install software other than what the manufacturer has made available for that device. He explained further, “Despite jailbreaking giving users more control, it also gives all running apps that same control, and removes Apple’s ‘walled garden’ safety, which protects users from security threats. This makes the phone vulnerable due to installations avoiding the Apple application vetting processes, which helps ensure only virus-free apps are downloaded.”

Thus, it is crucial to maintain vigilance regardless of the mobile operating system you use. Any software could be hiding malicious code beneath its seemingly innocent exterior.

Indications of Infection

Here are some “signs” to watch out for but while these are not definite indications that your mobile device has been compromised, they may signify that something is amiss.

• Those Annoying Pop-Up Ads

You may have adware on your device if you suddenly begin receiving a large number of advertisements within a certain app or even when no apps are running. These intrusive windows may try to monetise your clicks on advertisements, infect your computer with malware, or lead you to fraudulent websites. Do not click that button under any circumstances!

• Hidden Charges on Your Statement

It is a good idea to review your monthly phone bill and credit card statements to ensure that you recognise all charges. If not, you could be a victim of cramming, a fraud that adds unnecessary services to your phone and charges to your phone account (opens in a new window). It is your responsibility to monitor your wireless bill closely and spot any suspicious charges, as some wireless companies have been accused of turning a blind eye to such things in order to keep a larger slice of the monthly fee for themselves.

• Faster Battery Drain

Even though battery life will gradually decrease overuse, you might, however, notice that your phone’s battery is draining faster than usual. There is a chance that malware is using your phone’s resources without your knowledge or consent, draining the battery as it does so.

• Overheating Phone

Your phone should never get warm to the touch under normal conditions but some malware can overwork the internal CPU or charging mechanism, causing the temperature of your phone to increase. If your phone starts to overheat, turn it off and disconnect it from any power source. There might be a possibility of fire from an overheating phone or even an unexpected explosion if it is left for too long.

• Phone Running Slower than Usual

Your smartphone, like a computer, has an internal processor utilised for calculations. If malware has taken control of your device, it may be overworking the phone’s internal components, making even routine actions take longer than they should. It’s possible that malware is to blame for your phone’s abrupt slowdown and crashes.

• Communication Issues

A malware-infected phone’s inability to prevent an outgoing connection to a foreign server from disrupting the phone’s capacity to maintain a stable Wi-Fi or cellular connection can lead to connection drops and other issues. Call drops may be the result of malware on your phone, even if other devices on the same Wi-Fi network and in the same home are functioning normally.

• The Appearance of a Strange App

It is possible that a downloaded app contains malware that will secretly download and install other software on your device. Check to see if you actually need all of the apps on your phone. Do not launch the app if you come across suspicious content.

In addition, if your device is unable to shut down or restart, does not allow you to remove certain software or exhibit other unusual behaviours (such as sending emails that you did not write or displaying unrecognisable numbers), these may be tell-tale signs that it has been infected with malware.

Ways to Avoid Infection

Malware continues to be a top security threat to applications and devices, and addressing the problem is by no means a simple feat. According to VMware’s Denis Donnelly, Director, Security Business Unit, Southeast Asia and Korea, today’s cybercriminals are capable of devising carefully crafted tactics to lure unsuspecting users to browse malicious websites and download malware or malicious applications. “While we all know we shouldn’t download anything from unknown websites or open suspicious email attachments, it’s sometimes difficult for security-conscious users to tell the difference,” he warned.

To avoid getting infected, first and foremost, he reminds users not to click on or open pop-up ads and pay attention to the browser’s security warnings before downloading any file. What else can you do to protect yourself, your device and your valuable data?

• Install Reputable Anti-Malware Software

One way we can ensure installed applications are free from malware and viruses as per the suggestion given by Denis Donnelly and Gary Gardiner, Head of Security Engineering, Asia Pacific and Japan at Check Point Software Technologies, Ltd, is through the use of cybersecurity software built for mobile devices. “This software should be kept up to date, scanning your devices regularly to identify potential malware,” said Denis.

Gary added that such software can highlight red flags and alert users about potential threats, and block malicious apps and profiles from being downloaded in real-time by looking for different indicators – ranging from IP reputation, visual and title similarity, domain URL, file extensions, and certificates to determine if malware is embedded within the installed application. More advanced software can also leverage machine-learning and AI, sandboxing, advanced static code flow analysis, anomaly detection, and app reputation to decipher whether applications contain malware.

• Download and Install Software Only From Trusted Sources

Gary and Liam Ryan, Vice President, Asia Pacific, Ivanti, both agree on one simple yet cost-free method of avoiding malware-laden applications, which is to only download applications from trusted and secured websites or app stores.

Liam Ryan said, “To ensure the applications that we install on our phones do not contain malware, make sure to only download applications from a trusted source such as the official store for your smartphone. While this would not eliminate all risks, Google and Apple require app developers to be bound by their consumer policy terms.”

Gary added, “Even while downloading applications from these trusted sources, it is important to review the recommendations, and the number of downloads of a certain application in order to verify whether the application is legitimate.”

• Restrict When Necessary

Liam believes that we should be suspicious of any app that requests access to more of our device’s resources than is strictly necessary, such as your contacts, camera, microphone, storage, etc.

Avoid the “always” option if you must provide permission to an app by choosing “Only while using the app.” Do not give it the rights it’s asking for if they do not seem to be necessary. You can always go back and modify your security settings if necessary. Liam also suggests that it is also a good idea to frequently remove unused apps from your device and to deactivate any associated online accounts.

• Utilise Virtual Private Networks (VPNs)

Malicious software can also be spread through the installation of programmes using public Wi-Fi, as pointed out by Kelvin Lim, Director of Sales Engineering (APAC) at Synopsys Software Integrity Group. Due to the lack of security and encryption on these networks, harmful software downloads are made more likely. Even if users connect to public networks, they will still be protected by the encryption offered by reliable Virtual Private Networks (VPNs).

• (For Organisations) Make Mobile Devices Part of Your Strategy

Undoubtedly, the way we work is evolving rapidly, especially since the pandemic forced more organisations to embrace remote working practices. In light of this, Debashish Jyotiprakash, Vice President, Asia and Managing Director, India, Qualys, organisations should include mobile devices in their threat and vulnerability management programme strategy. In today’s era of Bring Your Own Devices (BYOD), organisations that allow corporate apps to run on employee-owned handhelds must have a strategy around secure enterprise mobility. Not having real-time visibility of devices that are vulnerable or misconfigured can jeopardise organisational data in such devices.

Better to be Safe Than Sorry

As you can see, malware is no laughing matter. To protect yourself from cyber attacks, be wary of what you download and mindful of the rights you provide to apps.

Review the app’s ratings and comments to make sure users are getting what they expect before installing it on your device; however, be wary of apps with unusually high ratings or a large number of similar comments. A pay-to-play dynamic might be at play here. Don’t be too quick to give your personal information or accept offers from apps you haven’t researched thoroughly first.

You should generally only give an app permission to access the features you know it will use. For instance, if a messaging app suddenly wants permission to make phone calls or use your camera, that could be a red flag. A permissions manager is available in the privacy menus of both Android and iOS devices.

For businesses, education and awareness campaigns should be maintained constantly to reduce the number of employees who fall for dangerous software and apps.

In the words of Biswajit De from Trend Micro, it’s advisable to operate with the assumption that “you will be breached.” By embracing this mindset, you will take a more proactive approach to secure your devices, apps, and data.