
[Interview] Stay safe - We spoke with Eset about the latest threats to mobile security

Keep safe and be 'appy


Some of us may find ourselves guilty of taking a relaxed attitude to online security from time to time, perhaps even kidding ourselves into thinking that cyber-attacks are something that only really affect big corporations and the occasional election. Unfortunately, the sad reality is that you’re potentially at risk even whilst doing something as innocent as downloading the latest app to your phone.

We spoke to Lukas Stefanko, a Malware Researcher at ESET (one of the world’s leading online security companies) about the dangers of malicious software on Android platforms and what we can do to keep our gaming experiences trouble free.

How big of a problem have malicious apps become in recent years?

The first computer viruses in the '80s were mostly meant as a joke – the only thing which you could lose was, in the worst case, the latest version of Pong. Since then a lot has changed. Malware creators are not just a bunch of enthusiasts making fun of other people, but criminals trying to find a way into your pocket.

Imagine all that you've stored in your smartphone: pictures, videos, maybe some sensitive documents from your work, which you saved to read while offline. Your data is a lucrative business and in 2016, we observed a rise in Android malware of more than 20% compared with the previous year.

The most dangerous Android malware is definitely ransomware, which encrypts all your data including videos, pictures, or game saves and demands money from you to unlock them. According to our detection system Live Grid, the number of Android ransomware detections has grown year on year by more than 50%, with the largest spike in the first half of 2016 (which you can see here).

What measures can users take to keep their Android protected against ransomware?

Most importantly, take preventive measures: avoid unofficial app stores, back up, and install a mobile security application with the latest updates (such as ESET Mobile Security & Antivirus). Always keep in mind that if you are infected by ransomware, there is very little chance that you will unlock your data, even if you pay the ransom, which we definitely do not recommend.

Take for example LockerPIN – it is an aggressive Android Trojan which, once installed, asks you to “Update patch installation”. Most users will tap “Continue” without knowing they have just granted the attacker administrator rights and absolute control over their device.

LockerPIN then locked the device, set a new PIN for the lock screen and demanded a $500 ransom. The worst thing is that even when you pay the attackers, you will not get access to your device, as the PIN is created randomly and they do not know it.

Are there efforts being made to raise awareness?

At ESET, we always advise users to download apps only from official app stores, informing them about the latest threats and educating them on how to defend themselves. Moreover, when we find such an app in an official store, we immediately inform Google and tell the users how to get rid of it. You can check out our blog WeLiveSecurity.com, where you can find information about the latest Android threats.

How does malicious content on Android usually target victims?

Most of the malicious apps for Android rely on users’ lack of awareness. The victims are mostly infected when downloading pirated paid games or apps for free, when visiting malicious sites, or through social engineering.

However, we observe malicious applications on Google Play as well. For example, we recently analyzed 87 fake Minecraft mods, which reached up to 990,000 installs before we reported them on March 16th and 21st. They didn’t have any real functionality except displaying very aggressive ads.


Then, remember the hype around Pokémon Go? When it reached its peak in the middle of 2016, we found several malicious apps on Google Play, including Pokémon Go Ultimate, which locked your screen right after the user started it, forcing them to restart the device. After the reboot, it ran in the background hidden from the victim and silently clicked on porn ads.

What precautions should users take to protect themselves against malware?

Download apps only from official stores like Google Play, Amazon App Store or the stores of your device manufacturer (e.g. Samsung, Sony, etc.), be cautious when installing, read the reviews, and check the permissions.

If you want to simply use your device without checking each file or app you are downloading, install a mobile security solution.

Does Android have a security model in place to protect against malicious software?

Yes, Google implements a certain level of security via Verify Apps and SafetyNet. However, none of those features can be considered a full-featured security solution. ESET Mobile Security scans each file you download (not only applications), protects you against phishing and you can take advantage of all its functionalities from one place.