The Definitive Guide to Android Malware
Android enthusiasts have their own opinions as to whether you need antivirus software on an Android device. This debate will never end as long as Android malware exists. This guide is not here to say, "Yes, you need antivirus," or "No, you don't." It's to give you all the facts, so that you can make a decision as to whether or not you need antivirus on your Nexus.
The term "malware" is broad. If an app constantly flashes up advertisements whilst you are not in the app, that's malware. An app would also be malware if it attempted to corrupt the file system, or sent all of your pictures to the developer, or recorded what you said without your consent. Malware on rooted devices could be ten times more serious than normal, with the potential to trash your device.
It can be hard to class apps that share a lot of your data. These are not necessarily malware, but are a bit of a privacy issue. For this reason, a lot of the big antivirus software players include a privacy advisor. Does a calculator app really need the 'Precise location' permission? Probably not.
Malware can be installed in the following ways:
- Via an app—pretty self-explanatory. You download an app from the Play Store, or somewhere else, and the app causes havoc. Removing malware installed this way is normally pretty easy and requires a simple uninstall of the app in question.
- Via a security vulnerability—some devices (especially ones running older versions of Android) have security loopholes in the OS, kernel, browser, a system app, or somewhere else. A security vulnerability may not be known to exist; or it may be waiting to be patched; or it may be known about, but not patched because the device's support time is up. Malware could potentially be installed via a security vulnerability. The method of removing this type of malware varies depending on the situation.
- Via flashing something—if you are rooted or unlocked, a ROM or ZIP or custom recovery that you flash may be malicious. It is probably a good idea to only stick with well-known ROMs such as AOKP or CyanogenMod. Be careful what you flash.
Antivirus software can be downloaded from the Play Store. Levels of functionality vary depending on the app in question. In general, apps are checked against a database of known malicious ones.
Some AVs include a web shield. These protect you from malicious and phishing websites. Privacy advisors are also common—these look at app permissions.
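The calculator question above and the privacy-advisor check described here can be sketched in a few lines. This is an added example, not code from any antivirus product: the category-to-permission table and the sample manifest are constructed for illustration, and it assumes the app's manifest has already been decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names with plain-language labels.
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "Precise location",
    "android.permission.RECORD_AUDIO": "Record audio",
    "android.permission.READ_CONTACTS": "Read contacts",
    "android.permission.CAMERA": "Camera",
    "android.permission.SEND_SMS": "Send SMS",
}

# Assumption (constructed): sensitive permissions each app category plausibly needs.
EXPECTED = {
    "calculator": set(),
    "maps": {"android.permission.ACCESS_FINE_LOCATION"},
    "voice_recorder": {"android.permission.RECORD_AUDIO"},
}

# Constructed sample manifest for a hypothetical calculator app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.calculator">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <uses-permission android:name="android.permission.RECORD_AUDIO"/>
    <application android:label="Calculator"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names the manifest asks for."""
    # For untrusted manifests, prefer a hardened parser such as defusedxml.
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        names.update(el.get(ANDROID_NS + "name") for el in root.iter(tag))
    names.discard(None)  # ignore elements missing android:name
    return names

def review(category, manifest_xml):
    """Return labels of sensitive permissions the app's category does not explain."""
    asked = requested_permissions(manifest_xml)
    allowed = EXPECTED.get(category, set())  # unknown category explains nothing
    unexplained = (asked & set(SENSITIVE)) - allowed
    return sorted(SENSITIVE[p] for p in unexplained)

if __name__ == "__main__":
    for label in review("calculator", SAMPLE_MANIFEST):
        print("Why does a calculator need:", label)
```

A flagged permission is a prompt to ask why the app needs it, not proof that the app is malware.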
AVs are not always good at identifying security vulnerabilities or malicious root tweaks though. This is because security vulnerabilities may not be known about, and if the problem is a low-level one, the AV probably will not have permission to look and see if the device is affected. Likewise, root tweaks installed into the root directory (/) will not be seen by antivirus applications.
If malware is detected on the device, the AV will tell the user to remove it. It cannot do this by itself, because all Android apps are sandboxed.
Antivirus software could slow down your device or post annoying notifications. Many AVs require you to register, and 'anonymous' data is often sent to the AV vendor. This could include your device type, model, make, MAC address, web browser details and more! And finally: many people would say that there is not a need for antivirus.
- Stick to the Play Store—this is the golden rule. Almost all app-related malware comes from sources other than the Play Store.
- Review app permissions—make sure that you understand why an app needs a permission.
- Stay away from apps that appear too good to be true—if an app claims to make your device ten times faster, don't download it.
- Upgrade to the latest version of Android (if you can)—upgrading could fix security vulnerabilities.
- Be REALLY careful about granting apps root access—I mean REALLY careful.
- Install antivirus software—I am not going to say that you should definitely do this, but it can help.
You'll probably want to consider Android antivirus if these apply to you:
- You download lots of unknown, untested apps which do not come from the Play Store.
- You are running an old version of Android—if you are running something pre-KitKat, an AV would probably be helpful (this does not really apply to Nexus devices, which pretty much all get the latest Android).
- You want peace of mind—installing a security suite such as Bitdefender Mobile Security will protect you against lots of nasties. It will lie quietly in the background, and only alert you when it finds something that you need to worry about.