Categories: Technology

New Studies Reveal Increased Threats To Android OS And Apps

If you are like many people, you treat your mobile device a lot like a computer. You make phone calls, access social media, do your banking, play games and even create and share documents. Given the level of sensitive information you store and access on your device, you would think security would be a top concern. Yet most people do whatever they want on their devices, whenever and wherever they want, without giving much thought to security. That’s a big mistake.

The threat of mobile malware has been increasing steadily in recent years, especially on Android devices. By some estimates, almost 97 percent of mobile malware is Android-based, and thousands of devices worldwide have been infected. While the overall percentage of infected mobile devices is far less than that of computers, the numbers are growing, which has security experts concerned. In fact, two recent studies underscore the need for users to employ an Android security solution to protect their sensitive data.

As most of you might know, the constant griefing that malware and viruses cause has been a plague for the personal computer for a long time and has cost companies millions. Not only to restore what was corrupted or destroyed, but also to build up a secure enough protection level where they are able to store and access their data while knowing they are doing so without the overhanging risk of being compromised. This griefing has now been migrated to the Android OS (and other mobile operating systems as well.)

Infected Apps Are a Growing Problem

The problem of infected applications has long been a concern for Android users. Although responsible users know it is best to only download apps from the Google Play Store, even those apps are not always entirely safe. [pullquote]According to one study, one in every 1,000 apps in the Google Play Store either has malware or had it at some point.[/pullquote] Other sources of applications, primarily those from the Middle East and Asia, had even higher amounts of infected applications: About one-third of the apps from stores like eoeMarket and Mumayi contain malicious code.

However, the application does not have to contain malware in order to create a security risk. The design of the app itself can create a privacy or security risk that must be mitigated by strong antivirus protection. In fact, a study released in January 2014 revealed 92 percent of the most popular applications on the market contain flaws creating privacy and security risks, most commonly using non-secure communication protocols.

Other problems include communicating with blacklisted domains, working with disreputable developers and the ability to load external applications without the user’s knowledge or permission.

Researchers note many of the risks can be mitigated by reading the terms and conditions before downloading apps, and avoiding unsafe downloads whenever possible. However, this does not address a potentially larger problem for Android security.

Updates Increase Risk

One of the best practices for maintaining Android security has always been to update the operating system whenever necessary. Most users are prompted to run the update when it is available, and encouraged to do it as soon as possible to mitigate any risk of vulnerability from using an out-of-date platform.

However, research conducted by scientists at Microsoft and Indiana University Bloomington have discovered the process of updating the Android platform can actually create security vulnerabilities. Essentially, when a device is updated, it replaces old files and adds new ones on a live system, all while trying to maintain the integrity of existing applications on the device. Because of the complexity involved with maintaining each Android application’s own sandbox and the privileges it has, it is possible for an update to inadvertently create security vulnerabilities.

Escalating Permissions: A Big Problem

The biggest risk, researchers found, was the problem of escalating permissions. When a user installs an app on a particular version of the operating system, the Android app is granted a specific set of permissions. However, it is possible for the application developer to write an application in such a way that it gets additional permissions on newer versions of the operating system — without the user’s knowledge. The result, known as a pileup flaw, is while the user believes he or she is doing the right thing by updating the system, the actual result could be a significant security vulnerability and lead to the loss of data.

Google is aware of the issue with pileup flaws, and has already issued patches to address some of the issues leading to this problem. There are also applications in development designed to scan the Android device’s applications for instances where permissions have been inappropriately escalated.

Still, the fact devices have this vulnerability, and the proliferation of malicious applications underscores the importance of installing robust mobile malware protection. The information contained on your mobile device is far too precious to be left to chance, and an anti-malware program will provide peace of mind.

Increased Threats Through Android OS Apps

IMAGES: WIRED & WALLPAPERSCRAFT
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

White Label vs. In-House Facebook Ads: Which Is Right For Your Business?

Are you an entrepreneur or the manager of a digital marketing agency interested in Facebook…

2 days ago

How Are Restaurants Going Green? Six Eco-Friendly Trends Increasing In Popularity

As more and more industries adopt eco-friendly business practices, the restaurants is joining the ranks…

2 days ago

Thane Stenner’s Insight On The Impacts Of High Tax Rates On Canadian Wealth

Taxes are a fact of life, but are they driving Canada’s wealthy to seek greener…

2 days ago

Creating Impactful Business Outcomes: Adam S. Kaplan’s Visionary Perspective

In today's rapidly shifting market, achieving impactful business outcomes is essential for survival and growth.…

2 days ago

Dian Shuai: From Baroque To Big Screen – A Composer’s Journey Of Emotion And Excellence

Dian Shuai, a music and film composer from Beijing, China, has been immersed in music…

3 days ago

The Unexpected Ways Digital Communities Are Changing Sports Betting Trends

We’ve seen a rise in social gaming sites over the years. These sites, which are…

4 days ago