If you've been watching tech news headlines over the past week, you've likely heard that Android malware is growing at an alarming rate, up something like 472 per cent from May of this year. Should you be worried and run off to purchase and install an antivirus package for your Android phone? Not so fast; there's just as much controversy over those utilities as there is over the malware itself.
Yes, Malware for Android Is Real, And It's Growing
The one thing that can't be refuted is that the amount of malware for the Android platform has skyrocketed. After all, it's only natural for malware authors to target one of the most popular and fastest growing mobile platforms. Juniper's Global Threat Center, the group that created the report and the infographic that's been raising eyebrows points out that the flood of Android malware can be broken into two categories.
- SMS Trojans. SMS Trojans operate in the background of normal applications, sending SMS messages to premium rate numbers, or numbers that charge you each time an SMS is sent to them. In the same way you can send an SMS message to a specific number to vote on a television show (and conveniently pay a modest fee for sending that massage), these trojans send messages to numbers — often international — owned by the attacker. In fact, you don't even notice the unusual behaviour until you review your phone bill, or check your account to see if there's been recent SMS activity. Of course, by the time you see it, the messages have already been sent, and your account has already been billed. SMS trojans account for just under half of all Android malware.
- Spyware. The lion's share of Android malware is actually spyware. Just over half the known examples are applications that access have deep access and permissions to your system, or which exploit vulnerabilities in Android to gain root access to the device, collect information about the device and the user, and then send it back to the app's developer.
Juniper isn't the only security research firm that has highlighted the threat. A new report from McAfee, highlighted over at Neowin, says the same thing. Both research firms say that the bulk of the malware is being written by the same authors who were responsible for similar attacks against old Windows Mobile and Symbian devices years ago. In essence, it's not that Android has suddenly drawn in a new generation of malcontents, but that the older, more vulnerable platforms aren't as interesting anymore.
No, Mobile Anti-Malware Utilities For Android Are Not Perfect
To combat the mobile malware threat, a number of security firms have released their own utilities designed to keep you safe. Researchers will tell you that you need some kind of protection to keep your phone and the data on it safe and secure. That may be true, but not everyone is taking research firms like Symantec, McAfee and Juniper at their word. Google's Chief Evangelist, Chris DiBona, called out researchers for being charlatans and scammers and accused them of peddling "scareware". Admittedly, DiBona isn't exactly an impartial observer, but there may be something to his concerns.
DiBona notes that even though there has been a rise in malware for the Android platform, there has yet to be an open and spreading infection among Android devices, the same way we've seen with desktop computers. Part of the issue is that there's no simple transmission method between mobile devices in the wild. Despite DiBona's concerns, security researchers point out that mobile devices are essentially handheld computers, and that they carry a great deal of information about us that identity thieves would consider valuable.
At the same time, security products available for Android don't offer the same level of protection that desktop security tools offer. There's no active scanning of files or applications that enter memory, or regular checking of applications that are downloaded and installed. You can't just install a mobile security suite on your Android phone and assume you'll be safe regardless of what you do. Until security tools mature, the real weapon you have against Android malware is common sense. Don't install applications from unusual or suspicious sources, avoid installing apps from the Android market or other trusted markets, and evaluate the permissions required by the apps you install before you install them or allow them to auto-update. Keep a close watch on your SMS and data activity even in between billing cycles, and raise any issues to your carrier as soon as you see them.
Well, the question we started with was: Does Android antivirus apps actually do anything? The simple answer is yes. They can be helpful, even if they're not bulletproof or even as protective as their desktop counterparts are. There's a ton of Android malware out there, but the upside to the whole affair is that it's not terribly easy to get, if you use your phone normally. Also, even if the malware threat to Android is a bit overinflated right now, security companies that are eager to sell you an antivirus package or app for your mobile device are at least providing a partially useful service.
Even if their apps aren't ready for prime time to combat malware in the wild, they do give you other useful tools, like remote tracking or data wipe if your phone has been lost or stolen, backup for all of your files and data and more. At the same time, some apps have those same features for free. If you've installed Norton Mobile Security or McAfee Wavesecure, there's no need to uninstall it and ask for your money back. The utilities will only get better with time. Still, keep in mind that no mobile security app is a replacement for common sense.