Six tips to prevent an Android hack

There are iPhone users, and there are Android users. Even at the Rubica office, we’ve got people who are on Team Android or Team iPhone for reasons of hardware design (or features native to one platform or another). If you’re using the Android platform, you have to think a bit more carefully about your mobile cybersecurity. There are inherently more risks on Android because of the differences in hardware, software, and the relative security postures between Apple and Android.

Android is built mostly on open-source code. The owner of an Android device can mess around in the guts of the phone's operating system, which creates different security holes than on Apple products.

Here are six ways your Android can get hacked:

  1. Not installing Android updates

Part of the appeal for Android users is the vast number of phones made by different manufacturers. Droid users love choices! Unfortunately, many of these manufacturers drop the ball on providing reliable and timely updates for their devices. Those Android users with older devices are especially vulnerable.

Run your software updates regularly, and don’t just wait for your phone to remind you to do so.
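One way to check a phone's patch level yourself rather than waiting for the reminder, as an added example (not Rubica's own code): it reads the `ro.build.version.security_patch` property from saved `adb shell getprop` output and flags a stale device. The sample output, the `patch_status` helper and the 90-day threshold are assumptions made for illustration.

```python
import re
from datetime import date

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.product.manufacturer]: [ExampleCo]
[ro.product.model]: [Example Phone 5]
[ro.build.version.release]: [8.1.0]
[ro.build.version.security_patch]: [2018-03-05]
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")
MAX_PATCH_AGE_DAYS = 90  # assumed policy threshold, not a value from the article


def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def patch_status(getprop_text, today, max_age_days=MAX_PATCH_AGE_DAYS):
    """Return (status, age_in_days) for the device's security patch level."""
    props = parse_getprop(getprop_text)
    raw = props.get("ro.build.version.security_patch", "")
    try:
        patched = date.fromisoformat(raw)
    except ValueError:
        # Property missing or malformed: report unknown, never "current".
        return ("unknown", None)
    age = (today - patched).days
    return ("stale" if age > max_age_days else "current", age)


if __name__ == "__main__":
    status, age = patch_status(SAMPLE_GETPROP, date.today())
    print(f"security patch status: {status} (age: {age} days)")
```

A device that reports `stale` or `unknown` has either not been updated or no longer receives updates from its manufacturer.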

  2. Downloading apps infected with malware

I just wanted to play Flappy Bird on my phone! A malicious version of that cute little 8-bit bird dodging green pipes smacked Android customers with a malware mega-bomb named MobSTSPY. The malware squirms its way around your phone connecting to a server and uploading data from your personal phone. It also conducts a number of phishing attacks by popping up fake Google or Facebook prompts, encouraging the user to log in with their credentials. If you try to log in to those fake prompts, MobSTSPY snaps up your username and password to deliver to the hands of those nefarious individuals who created it.

Not every app gets screened by Google for malware. Check apps carefully by making sure they’re released by the right company or developer. If an app seems strange for any reason (or if the app is free or has few reviews) then play it safe and avoid the download.

  3. Triada trojans come preloaded on some Android phones

Triada is a nasty little mobile Trojan that scouts your phone first by installing itself into your Android’s RAM, making it really hard to detect. It gets root privileges (those super-privileges that allow it to download and install other trojans like itself) and worms its way into every part of your Android’s system files. Once there it can access your SMS messages—where it truly becomes harmful. In-app purchases on some apps use SMS for transaction data. Triada messes with in-app purchase SMS functions, stealing your money while it’s in transit. You might think you can stay safe by not downloading suspicious apps, but Triada comes preloaded on some Android phones as the result of an attack on the supply chain.

Best way to stay safe? Use an anti-malware app for your phone (I’m biased toward Rubica, obviously). Pick an anti-malware app that can detect Triada and its ever-changing variants.

  4. Browsing to risky sites unprotected

If you browse to the wrong site, you can catch HummingBad malware. You’ve heard of hummingbirds, now imagine a tiny little bit of malware on nearly invisible wings. HummingBad encrypts its code, so the security checks on your Android let it pass right on by. Next, that malicious little bug sends a notification saying, “Hey, you have an update!” If you click and authorize it, HummingBad downloads and installs itself deep down in your Android where it’s really hard to remove. It then downloads apps that send your personal information to servers and actually generate revenue from your phone.

Use a secure VPN and a robust anti-malware app for your phone that blocks threats like HummingBad before they can cause harm.

  5. Android-specific ransomware

Ransomware now targets mobile phones, and Androids in particular. If you’re infected, the famous ransomware lock-screen pops up, bolting your phone shut and demanding an exorbitant amount of money to unlock your device. DoubleLocker is an example of this lock-screen ransomware that not only encrypts the Android’s data but also changes your security PIN code, leaving you without access to your phone unless you pay.

If you get ransomware, Rubica advises not to pay the ransom and to get expert advice on removing the malware. We’ve got experts you can call for what to do and how to remove it, even if you’re not a current customer.

  6. Using public or insecure wifi on your Android phone

This is by far the greatest security risk. If you connect to a compromised wifi hotspot, an attacker could carry out a man-in-the-middle attack or use botnets (an army of infected devices all connected to the same network) to get access to your data. With botnets, one Android phone can infect others, much like the walking dead. The infected devices all connect to a network that the attackers own, which acts as their command and control center. From there they can download personal information, get into your banking, or use your phone in criminal activity (without your knowledge). It’s just insulting to have your personal property carry out crimes. If my device were being used for a crime, I’d like to at least pick which crime…

Avoid public wifi on your phone, which is frequently where attackers plant the malware that enslaves your device to a botnet. If you use public wifi, make sure you have a VPN on for the entire browsing session.

Following a few safeguards will help ‘harden’ your Android phone against ever-changing cybersecurity threats. Plus, the next time someone says Android has security issues, you can reply, “Not my droid…”