Click on the icons!

FacebookTwitterRSSYoutube

Android Threats: Watch for QR codes, Rootkits, Trusted Malware

Share Button

AVG Mobile Threats graphBRNO, Czech Republic – In a new threat report, AVG puts the accent on mobile security amongst other threats. In the focus is the mobile platform Android, which is receiving an alarming increase of threats with the increased number of activated devices.

With almost 550.000 new device activations daily, the popularity of Android is attracting hackers and spammers from all over the world.

In the fourth quarter of 2011 the biggest threats for Android were rooting tools with 78% of the cases, followed by malware with 14% and hacking tools with 8%. Those statistics, combined with the fact that all threats available in the PC world are available for Android already, shows that many of the dangerous practices in attacking Windows are getting transferred to Android.

One of the most illustrating examples of this kind of transfer is the so called “trusted malware”, which means that the cyber criminal uses a trusted key to sign their malicious software. Trusted keys exist in Windows and Android worlds to ensure the operating system that the developer of the program is trustworthy. The problem is that in several occasions this trust may be misleading.

Android app permissions

Three are the most common cases of a misleading digital identity: fake digital certificates, leaked or stolen personal certificates and use of Android’s Open Source Project certificate in malware. The best way to protect from such malware is to check the permissions of any suspicious software that users have on the Android-powered device, as malware usually tries to gain access to details that are not needed by the program that it is impersonating.

Another potential security leak in Android is the handy option of reading QR codes, used for convenient data or software access for mobile devices. When users scan one QR code from printed source or digital image, it actually starts the corresponding program, so this action equals starting an unknown executable file. This once more shows that security awareness in mobile devices should be at least that high as on our PC, perhaps even higher.

QR code

Share Button

By , International Correspondent, Rethymno (Greece) office

Published on Jan 28th, 2012 GMT +2

Comments


Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /home/phonerpt/public_html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273