Cellphones and viruses

[jnelsoninjax]

Honest question here, how much risk is there of getting a virus on cellphone if you are keeping it up to date and only downloading apps via the play store? I saw a readers digest article and the TL:DR was that cellphones were at risk of getting viruses. How much of this is really the case?

[HoochieMamma]

As long as you don't go around downloading apks from random websites and stick to known applications from trusted developers in the official play store your risk is basically nil.

 

If you choose to start downloading every tom dick and harry application and grant all permissions to lets say a torch application then it's a user issue.

 

Sounds more like a FUD article from someone who doesn't know what they are talking about.

[jnelsoninjax]

Just now, HoochieMamma said:

As long as you don't go around downloading apks from random websites and stick to known applications from trusted developers in the official play store your risk is basically nil.

 

If you choose to start downloading every tom dick and harry application and grant all permissions to lets say a torch application then it's a user issue.

 

Sounds more like a FUD article from someone who doesn't know what they are talking about.

I didn't read the article because RD is known to publish articles that are FUD as you so nicely pointed out 😛 but the headline had the TL:DR in it and that was why I asked.

[Mindovermaster Moderator]

You have little to worry about if you do it right. Like what Hoochie said.

[jnelsoninjax]

6 minutes ago, Mindovermaster said:

You have little to worry about if you do it right. Like what Hoochie said.

I have nothing to worry about then. I don't download random APK's, in fact the only APK that I have downloaded that was not in the store, is Adguard.

[Mindovermaster Moderator]

57 minutes ago, jnelsoninjax said:

I have nothing to worry about then. I don't download random APK's, in fact the only APK that I have downloaded that was not in the store, is Adguard.

Plus you have your AdGuard, too..

[Marujan]

5% change of getting viruses from GMarket if you have a stock phone, without root or Bootloader cracked

[goretsky Supervisor]

Hello,

 

The chance of coming across an actual, bona-fide computer virus on Android is vanishingly small, just as it is with Windows.  Parasitic computer viruses—that is, actual recursively-self-replicating-programs-whose-children-and-children's-children-are-possibly-evolved-copies, are actually pretty rare these days.  On the Windows side of things, just a handful of families are left (Ramnit, Sality, Virut, etc.) and even between all their variations, account for about a single-digit, percentage-wise, of what security companies see on a daily basis.  Simply put, the parasitic methods of propagation used by computer viruses are used less and less these days as criminals have found other mechanisms to do what they want.

 

What I suspect you are really asking about is malware (a portmanteau of malicious and software), which encompasses all the various forms of replicating and non-replicating software such as trojan horses, multi-stage downloaders, banking trojans, cryptocurrency miners, ransomware and other things you might not want on your computer (adware, spyware, and so forth).  There's quite a bit of that for Windows, and for Android as well.

 

What is a growing problem on Android is what Google calls unwanted software.  As the name implies, it is software which does things the user expressly would not want the software to do, if they understood/were aware of what it was doing.  This includes all sorts of unauthorized tracking, click-fraud, aggressive advertising and all sort of other privacy-invasive behaviors that 15-20 years ago were common to see in adware and spyware on Windows.  These are the kinds of malicious and abusive programs that are cause for concern for most folks.  There are also things like banking trojans as well as commercial spyware used by nation-states, but those tend to be a bit rarer due to limiting factors on whom they can affect or the cost of purchasing them.
 

Google's stance on this is fairly clear (see this, this, this, this, this, and this for more information).  And Google does make efforts to keep its ecosystem clean (e.g., Google Play Protect), but when you don't control device manufacturers, things like this, this, this, and this can happen, and that's without including scams where the user is tricked into installing a malicious app.  But, it's a big ecosystem, and stuff does happen to get through sometimes.

 

So, I suppose the real question here is, "How worried should I be about this?" followed by "What should I do to protect myself?"  Well, the answer to the first is that you should be a little concerned—not to panic about it, but just to be aware of the risks, which leads to taking steps to mitigate them.  The good news is that there are lots of security programs out there for Android in the Google Play Store, and you can certainly download various ones from reputable developers, and use them to see if they find anything.  Most programs are distributed under a freemium business model (or shareware, as it used to be called in the PC world) where you can install it, run it for a few days, weeks or perhaps a month, and then purchase a license, or uninstall it and try another until you find one you like.

There are also many independent organizations which test Android security software, such as AV-Comparatives, AV-TEST, MRG-Effitas, and SE Labs, to name a few.  They have been testing desktop software software for years, so the names may be somewhat familiar from those activities.  While they are no substitute for trying a program yourself and verifying it works well, they can be useful in helping you select which programs to evaluate.

 

Regards,

 

Aryeh Goretsky

 

[Steven P. Administrators]

The Play Store has a history of allowing apps that include malware https://www.neowin.net/news/camscanner-removed-from-the-play-store-due-to-detection-of-malware-is-now-back although they are usually found quickly it is not always the case. This is also the case with browser extensions that can inject javascript or replace ads on a web page with their own which has also slipped through the checks.

 

It mainly applies to smaller lesser known apps, but that can also happen with an app that suddenly takes off and goes viral and the developer decides to monetize through malicious coding (like injecting ads) or perhaps with a crypto miner.

 

What I am saying is that it is always possible, if you are installing lesser known apps, maybe have a look around online about what people are saying about it.

[jnelsoninjax]

2 hours ago, goretsky said:

Hello,

 

The chance of coming across an actual, bona-fide computer virus on Android is vanishingly small, just as it is with Windows.  Parasitic computer viruses—that is, actual recursively-self-replicating-programs-whose-children-and-children's-children-are-possibly-evolved-copies, are actually pretty rare these days.  On the Windows side of things, just a handful of families are left (Ramnit, Sality, Virut, etc.) and even between all their variations, account for about a single-digit, percentage-wise, of what security companies see on a daily basis.  Simply put, the parasitic methods of propagation used by computer viruses are used less and less these days as criminals have found other mechanisms to do what they want.

 

What I suspect you are really asking about is malware (a portmanteau of malicious and software), which encompasses all the various forms of replicating and non-replicating software such as trojan horses, multi-stage downloaders, banking trojans, cryptocurrency miners, ransomware and other things you might not want on your computer (adware, spyware, and so forth).  There's quite a bit of that for Windows, and for Android as well.

 

What is a growing problem on Android is what Google calls unwanted software.  As the name implies, it is software which does things the user expressly would not want the software to do, if they understood/were aware of what it was doing.  This includes all sorts of unauthorized tracking, click-fraud, aggressive advertising and all sort of other privacy-invasive behaviors that 15-20 years ago were common to see in adware and spyware on Windows.  These are the kinds of malicious and abusive programs that are cause for concern for most folks.  There are also things like banking trojans as well as commercial spyware used by nation-states, but those tend to be a bit rarer due to limiting factors on whom they can affect or the cost of purchasing them.
 

Google's stance on this is fairly clear (see this, this, this, this, this, and this for more information).  And Google does make efforts to keep its ecosystem clean (e.g., Google Play Protect), but when you don't control device manufacturers, things like this, this, this, and this can happen, and that's without including scams where the user is tricked into installing a malicious app.  But, it's a big ecosystem, and stuff does happen to get through sometimes.

 

So, I suppose the real question here is, "How worried should I be about this?" followed by "What should I do to protect myself?"  Well, the answer to the first is that you should be a little concerned—not to panic about it, but just to be aware of the risks, which leads to taking steps to mitigate them.  The good news is that there are lots of security programs out there for Android in the Google Play Store, and you can certainly download various ones from reputable developers, and use them to see if they find anything.  Most programs are distributed under a freemium business model (or shareware, as it used to be called in the PC world) where you can install it, run it for a few days, weeks or perhaps a month, and then purchase a license, or uninstall it and try another until you find one you like.

There are also many independent organizations which test Android security software, such as AV-Comparatives, AV-TEST, MRG-Effitas, and SE Labs, to name a few.  They have been testing desktop software software for years, so the names may be somewhat familiar from those activities.  While they are no substitute for trying a program yourself and verifying it works well, they can be useful in helping you select which programs to evaluate.

 

Regards,

 

Aryeh Goretsky

Thanks for such an excellent write up! I suspect you are correct in that it is malware vs virus, but as I said before, Readers Digest is not a tech magazine, and cater to a completely different group, so calling it a malware would more than likely have the readers either not reading it (because what is malware?) or they simply might skim it, now when they call it a virus suddenly everyone (mostly) knows what that is, or has a general idea of what it is.

I found the article, and upon reading it a bit more, it does mention Malware as well, here is the article if anyone is interested.

[+BudMan MVC]

Play store and Apple store are not always the clean/safe playground they make them out to be.. Where you can feel "safe" installing everything you see..

 

Here is a recent write up on how little apple does to keep unwanted apps out of their store..

 

https://www.theverge.com/2021/2/8/22272849/apple-app-store-scams-ios-fraud-reviews-ratings-flicktype

 

As already mentioned above - before going installing some app that seems great, might behoove you to do a bit of research on it, etc..

[goretsky Supervisor]

Hello,

That's a really good point:  Reader's Digest isn't Virus Bulletin (the journal of the antivirus/antimalware/endpoint detection & response/etc. industry), but I know that the folks on the business side are pretty savvy about computer threats.  Good article.  It would have been better to explain that viruses are just a specific type of malware, much like all squares being rectangles, but not the other way around.  Still, for a four-year-old article, it holds up really well.

 

Regards,

 

Aryeh Goretsky

 

17 hours ago, jnelsoninjax said:

Thanks for such an excellent write up! I suspect you are correct in that it is malware vs virus, but as I said before, Readers Digest is not a tech magazine, and cater to a completely different group, so calling it a malware would more than likely have the readers either not reading it (because what is malware?) or they simply might skim it, now when they call it a virus suddenly everyone (mostly) knows what that is, or has a general idea of what it is.

I found the article, and upon reading it a bit more, it does mention Malware as well, here is the article if anyone is interested.

 

[+BudMan MVC]

18 hours ago, goretsky said:

much like all squares being rectangles, but not the other way around.

Better example phrase is all bourbon is whiskey, but not all whiskey is bourbon

[DentedAphid7]

Yeah, the general bases are don't down APKs. But what about browser hijacks and SMS based attacks. Isn't that still a problem? And if certain manufactures decided to add backdoor, there could still a problem.