As new mobile malware sweeps the globe, here’s how to keep your device secure.
We’re spending more and more of our lives online and for most of us the door to this digital world is our smartphone. It’s the first thing we look at when we wake up and the last thing we check at night. It’s where we do our banking and shopping, where we hang out with friends, play games to pass the time, post status updates and share photos. It’s where we watch TV, hail cabs and even consult our local doctor.
There’s just one problem: the bad guys know this and they’ve become highly skilled at making money off the back of our reliance on mobile devices. Early this month a new global Android malware campaign called Agent Smith was revealed to have compromised 25 million handsets across the globe including many in the US.
It should be another reminder to users not to take mobile security for granted. Fortunately, with a few easy steps you can make giant strides towards keeping the hackers at bay.
What is Agent Smith?
Remember the malignant agent/virus antagonist to Neo in The Matrix? Well, Agent Smith is the latest in a long line of malware campaigns designed to infect consumers’ mobile devices. It begins life embedded inside legitimate-looking applications like photo apps, gaming titles and/or adult-themed software. These are found more on popular third-party marketplaces such as 9Apps, rather than the official Google Play store, though it showed up there too.
Once a user installs one of these booby-trapped apps, the malware will get to work, exploiting vulnerabilities in the Android operating system. It extracts a list of all the legit apps that the user has installed on their phone and then sets about replacing them with identical-looking but malicious versions.
How does it affect me?
If you’re unlucky enough to have your device infected with Agent Smith, it will then go on to hijack your apps to show unwanted ads – thereby generating the hackers money. Although this doesn’t sound too catastrophic for the victim, there is the potential for the attack to get much worse. Researchers have claimed that the same malware could be used to steal sensitive information like online banking credentials from an infected device.
As of early July, Agent Smith had already infected over 302,000 mobile devices in the US. The number may be even higher today. It’s one of the biggest threats seen so far this year, but it’s by no means the only one. Attackers are always looking for ways to get malware onto consumers’ devices, and in so doing:
- Steal log-ins for key accounts like online banking
- Secretly mine for crypto-currency using your device, which can cause it to slow down
- Flood your screen with pop-up adverts, making it unusable
- Lock your device with ransomware until a fee is paid
- Sign your device up to premium rate services which can incur heavy charges
How do I stay safe?
Google is getting better at preventing apps loaded with hidden malware from being published on its official Play Store, but there are still occasions when some sneak through. The hackers behind Agent Smith were found to have hidden malware elements on 11 apps listed on Google Play. Two of them had already reached 10 million downloads by the time Google was notified and they were withdrawn.
App downloads are also only one of several avenues where your mobile device could be at risk of attack. Others include via malicious text or IM messages, public Wi-Fi networks that you might be sharing with hackers, and even lost or stolen devices.
Here’s a quick rundown of some key steps to stay safe:
- Stick to legitimate stores (Google Play and Apple’s App Store) – you are 23 times more likely to install a potentially harmful application (PHA) outside Play, according to Google.
- Read the permissions requested by applications when you install them. If they seem excessive (i.e., a gaming app that wants to access your address book and microphone) then avoid. It’s better to be safe than sorry.
- Always ensure you’re on the latest version of Android.
- Don’t log-in to public Wi-Fi, or if you must, don’t use any sensitive accounts (email, banking etc) until you get back onto a private and secure network. Otherwise, use a WiFi VPN, like Trend Micro WiFi Protection.
- Ensure your device has a remote lock and wipe feature switched on, to sign out of accounts and wipe the device if it is lost or stolen.
- Don’t brick/jailbreak the device as this can expose it to security risks.
- Be cautious – you may be more likely to click on phishing links in emails, texts, and via social channels when on the move as you could be distracted and/or in a rush.
- Run anti-malware on your mobile device, from reputable company like Trend Micro.
How can Trend Micro help?
The last recommendation is non-trivial. Trend Micro offers customers comprehensive anti-malware capabilities via Trend Micro Mobile Security (TMMS), which provides protection from malicious apps via the Mobile App Reputation Service (MARS).
With Agent Smith, there are two malicious parts: the Agent Smith malware itself and the doppelganger apps that it creates on victim devices to replace the legitimate ones. MARS/TMMS detects both. On Google Play, the MARS/TMMS pre-install scan will detect Agent Smith before it installs. (This same function will prevent you from downloading other malicious apps to your device.) Otherwise, both Agent Smith (installed from a 3rd-party store) or the doppelganger apps it creates will trigger the real-time scan in MARS/TMMS and warn you the apps are not safe, so you can delete them from your device.
Among its other features, Trend Micro Mobile Security also:
- Blocks dangerous websites
- Checks if public WiFi connections are safe
- Guards financial and commercial apps
- Optimizes your device’s performance
- Protects your kids’ devices with parental controls
- Protects your privacy on social media
- Provides lost device protection.
Used in conjunction with Trend Micro Password Manager, for securing and managing your passwords, and Trend Micro WiFi Protection, for keeping you save on public WiFi, Trend Micro Mobile Security can help keep your mobile device—both you and your identity—safe from threats like Agent Smith and countless others.