Symantec has published an analysis of malware that targets Android users for personal information. Android.Exprespam was discovered at the beginning of January and has only been around for a couple of weeks, but analysis shows that the scammers seem to be having a lot of success with the malware already. The data obtained indicates that the fake market called Android Express’s Play has drawn over 3,000 visits in a period of a week from January 13 to January 20, resulting in potential theft between 75,000 and 450,000 pieces of personal information.
According to Shantanu Ghosh, VP & MD India Product Operations, Symantec, “The number of vulnerabilities in the mobile space is rising. Mobile malware authors are not only reinventing existing malware for new mobile platforms, but creating mobile-specific malware geared to the unique mobile opportunities such as BYOD and increasing mobile transactions. 2011 was the first year that mobile malware presented a tangible threat to businesses and consumers. Since then, scammers have come a long way modifying their tactics so that the scam provides a good ‘return’ for them.”
On the Android platform, users have limited visibility when installing packages, especially when. manually installing packages or installing from non-official app markets. This is why most Android malware that includes other malware does this embedding in the simplest way: they simply include the software’s harmful results either as a raw resource or as an asset in their own package.
Symantec recommends users to follow a few simple checks:
First, one should download only official applications from the store or from a trusted source. One should download only those applications which are from reputable developers. A check needs to be done on how many downloads and applications there have been and the feedback from users who have downloaded the application needs to be read. It is also important to check the permissions that the app asks for – for e.g.: a user should be wary when an app requests permission to send SMSes. Android users should avoid using links in emails from unknown sources, only download apps from well-known and trusted app vendors and install a security app.