TechTarget

User's guide to protecting against Google Android app Trojans

Malware targeting the Android mobile computing platform is increasing, according to the Symantec official blog.

Malware targeting the Android mobile computing platform is increasing, according to the Symantec official blog.

Overall, malware targeting mobile devices rose 46% in 2010, according to a fourth quarter threat report from security firm McAfee.


User's guide to protecting against Google Android app Trojans >>


The report said this trend is expected to continue throughout 2011. While Nokia's Symbian operating system is still the most targeted, hackers are starting to focus on Apple's iOS and Google's Android systems.

Cybercriminals are tracking the increased popularity of Android, which overtook Symbian for the first time in the last quarter of 2010, the report said.

The most recent example of Android malware, says Symantec, is a Trojan called Android.Pjapps, spreading through altered versions of legitimate apps hosted on unregulated third-party Android marketplaces.

Android.Pjapps masquerades as the popular Steamy Window app.

Legitimate features of the original app are still present in the malicious version, which allows an attacker to build a botnet.

The malware can install applications, navigate to websites, add bookmarks to the user's browser, send text messages, block text message responses and send sensitive user information to the attacker.

According to Symantec, the Trojan has been designed to peddle ad campaigns and gain benefit by connecting to third-party premium rate services at users' expense.

User's guide to protecting against Google Android app Trojans

  • Android users can protect against Trojanised applications by:
  • Using only regulated Android marketplaces for downloading and installing Android apps
  • Adjusting Android OS application settings to stop the installation of non-market apps
  • Reviewing other users' comments on the marketplace to assist in determining if an app is safe
  • Always checking the access permissions being requested for installation to ensure they are not excessive for what the application is designed to do
  • Using mobile security software on devices to ensure any downloaded apps are not malicious
  • Considering a mobile management system in the enterprise to ensure all devices that connect to corporate networks are policy-compliant

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close