Since last many years, smartphones have become very common due to their affordability and offering of very good performance. Besides the innovation in hardware, the applications that are used on these devices are getting better and versatile. Both hardware and software are designed to work in combination to give superior performance and different hardware brands use different mobile operating systems such as android or IOS. But, just like in case of computers, these are also prone to malware attacks. As these devices have a lot of our private data it is very important to protect them from attacks, and for that there are many free antivirus and anti malware software available. Hence, in this article we will look into different methods through which malware spreads on mobile devices.
The Operating System
There are primarily two operating systems in the market namely android and IOS, of which the former is used in majority of the smartphones. The applications that we use on these are distributed through their respective app stores like the Google play store and IOS app store. It must be noted that more than half of the apps in the play store are free whereas a quarter of the applications on the IOS app stores are free. Moreover, all the applications on the IOS app store are thoroughly scrutinised before releasing and hence they are relatively safer than play store apps.
Different Types Of Mobile Malwares
The following are the different malwares that risk the personal data on your phone.
They appear as harmless applications, however it does malicious background acts and compromises the security of your device and thereby enables another person to hack into your device. Some of the well known examples are KeyRaider, which was used to thieve Apple passwords, and another one is FakeNetflix that collects the details of Netflix users on Android.
This locks down the device or encrypts data files and blocks the user from accessing the device or data until the ransom is paid. For example a malware disguised as Avast antivirus locked victims device for ransom.
Back Doors – Root Exploits
Back Doors hide malware from antivirus programs by exploiting the root privileges. One of the popular Android root exploits is Rage against the cage(RATC) that gets access to the root privileges and completely controls the device. Because of this exclusive access, malwares can perform any operation such as installing other malicious apps without the user being aware of it. Moreover, this is a very prevalent issue in this age of smart mobile devices.
Spyware’s are basically spying software and they run discreetly collecting data in the background and granting remote access of the device to its author. It usually gets into the phone when visiting restricted web pages and this is a very common phenomena.
Bot is a kind of malware that gives control of the affected mobile device to the attacker and they are part of a network known as Botnet i.e. a network of infected devices across the globe.
Malware Spreading Methods
Now that we know about the different types of malware, we must learn how they spread in order to avoid malware attacks. Listed below are some of the spreading techniques.
- Dynamic Payloads
Here an embedded encrypted source is downloaded along with an application. After the app installation the malicious source is decrypted by the app and the malicious code is executed.
- Drive By Download
This usually occurs when the user visits a website, generally with risk warning that contains malicious content. As a result the malware is downloaded into the device unaware to the user. Moreover, this is one of the most common ways malware is spread on mobile devices.
- Stealth Malware Techniques
Here the vulnerabilities in the hardware are exploited to confuse and bypass the anti-malware. Some of the stealth techniques are dynamic loading, code encryption, key permutation etc.
Malware Evasion Techniques
Malware creators develop and use new techniques to bypass mobile operating system protection mechanisms and they are called evasion techniques. Listed below are few of the techniques.
- Anti-Security Techniques
These methods are used to bypass detection by firewalls, anti-malwares and any other detection tools.
- Anti-Sandbox Techniques
Running programs are separated from unverified programs to avoid harm to the system by sandboxing technique. Anti-sandboxing technique is utilised to stop reporting on the behaviour of the malware.
- Anti-Analyst Techniques
Here reverse engineering is avoided by using a monitoring tool and the tools can be Wireshark or process explorer.
Hence, malware creators use any or all of these techniques to avoid detection by phone security features.
These are some of the ways in which malwares are used to attack smartphones. Therefore, using top rated malware protection software is very essential to protect your data.