Mobile Malware

SC Magazine recently reported a malicious application in Google’s Android online market store http://www.scmagazineus.com/malicious-apps-found-in-googles-android-online-store/article/161001/. Due to the highly open nature of Android applications, this is going to probably be a huge problem. Here is the real irony. Many people will probably switch from Android to the iPhone because of the security concerns. Why is it ironic? Because the biggest threat a user will likely face with an android phone is choosing to install an application that they should not. Apple simply refuses to let you choose to install anything they haven’t explicitly approved, unless you jailbreak your iPhone, which probably makes it roughly the same as an Android when it comes to security.

If you want to use a mobile banking application then find out from your bank what they support and recommend. First Tech Credit Union even advises their customers that they don’t have a banking application for the Android http://www.firsttechcu.com/home/security/fraud/security_fraud.html

 As for all of those other cool apps, I recommend that you don’t be an early adopter. In most cases you have no idea who wrote the app, what their intentions are, or what training they have had in writing secure applications. A well intentioned developer doesn’t mean a well trained developer. A poorly written application can be a gaping security hole.

Be wary of any applications you install on your mobile devices. Be VERY choosy about where you download from. Not all that long ago there was a story about a service provider in the United Arab Emirates who sent out an SMS message to BlackBerry user’s indicating that there was an update for their devices. The update was spyware sent from a telephone company. If there is an update to improve my Blackberry’s performance then I will get it from RIM, the makers of the Blackberry. There may be certain times that software must come from my service provider, but the RIM website will advise me of that.

If there is an app that is just so cool you have to have it, wait until it’s been out for a while and see what’s reported back.

It looks like 2010 is going to be a pivotal year for mobile malware. We may not see a lot of it this year, but we are seeing a robust infrastructure reaching enough maturity to support wide scale attacks. A stock Android will probably be relatively safe, but the applications you can choose to put on it may make it very unsafe.

The key differences in the threat against an Android and a Blackberry is that it costs a lot more to develop an application for a Blackberry and many users are restricted by corporate software policies that prevent them from installing applications that are not approved. If you have a Blackberry that is not restricted, don’t expect that all applications you can download are safe… they aren’t.

 Yeah, ESET has a mobile antivirus solution for some types of mobile devices. We will probably cover many more devices in the future, but your strongest defense is making good decisions about what you install. It’s really the same for your Mac or PC as well.

Randy Abrams
Director of Technical Education

Author ESET Research, ESET

  • Jason

    I use NOD32 on my home PC. I think that I am very judicious about what apps I install.  However, to know that ESSET was looking out for anything I miss would be a great comfort.

  • Ali

    I use Nod32 Smart Security 4 and is helping me protect my computer above my expectations :) … I would love to have a NOD32 for my Android HTC Desire though since these blog posts are worrying me just a little to tell you the truth. Won't want my brand new Desire to go out on me. Please ESET, make an Android version quick. I'd love to buy one for my phone.

  • Jonathan Lawton

    +1 Eset Mobile Antivirus On Android.
    Android lacks AV Software

  • Android User

    Please make an Eset Smart Security 4 app for Android phones! I use it on my PC and promote it daily to customers! Great solution to anti-virus using low resources!!!

  • Danny Bourdon

    In spring 2010, I downloaded Eset Cybersecurity AV Beta (for mac) and proudly participated by reporting issues with the AV. I have withnessed Eset's dedication in developping a new product and helping their costumers. I would without hesitation download and ESET android based AV for my HTC Nexus !!!

  • News and Technology

    where download nod32 for android ?

    • Randy Abrams

      Currenty ESET does not make a product for the Android.

  • william

    Please make an Eset product for Android.. wether the devices that run its OS need it or not just make it. I WANT IT!!!!

  • Denis

    Forward to seeing ESET Mobile Security. Order devices Android. Thank you in advance.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
14 Jan 2010
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.