Today, viruses are a global threat (apart from the fact that each user at least once faced with the threat of some kind, they even penetrated into the most highly secured system of important strategic sites), but few who are aware of the fact that they always us - in our favorite cellphones.
This article focuses on the Platform for Android: its pros and cons, about the vulnerabilities and how to protect themselves.
Why Android?
Almost half of all Americans are smart phones, more than 850,000 phones are registered every day, 300 million users worldwide - all this makes the system attractive to hackers and virus writers. Unlike other operating system Android is distributed as an open platform, allowing application developers to use all the features of devices. But that is exactly what is an increased security risk. According to research by Trend Micro Android platform gained 1.37 points, fourth place, and showed the lowest results. This figure explains the absence of representatives of the "basic means of providing operating system updates, which is why many users are still vulnerable to critical vulnerabilities over a long period of time." But all this is in no way implies a low level of operating system security. The problem is that access to the Android Market (Google Play) most loyal. The application is available for download as soon as the developer clicks "publish" and, of course, there had time to install the application, users with malicious code until such time as the security personnel will remove it from the Google site.
Now we should talk about vulnerabilities platform to find out how criminals get the program to our smartphone. One of the main vulnerabilities is to get as root. Thus, attackers may be able to install other programs without your knowledge or confusing for users, forcing himself to perform the necessary actions, providing the desired malware capabilities. A key element of security is a system of permits. That is, the program allowed her to be able to perform actions without the smartphone, but often do not read the list of all the functions of an application. Also represent a threat to unofficial firmware: first, they have initially can be embedded malicious code, and secondly, the application, signing a digital signature system, receives the right to allow, for example, to install the application. An example was the program Android.SmsHider, infecting the phone with malware.
More information about the openness of Android. Open Google's approach is one of the reasons for the success and growth of applications for this OS. On the one hand, this contributes to the openness of the code, other applications can be installed from any available source, the creation of applications is available to the public - need to pay only $ 25 for the official catalog.
In what appear to us as a threat?
Briefly about the main point: it is now known more than 9000 viruses and Trojans for Android. Every day there are 20-30 new threats. Over the past seven months in 2011 the number of malware has increased by 3325%. Spyware and SMS-Trojans accounted for most of the malicious code attacking mobile devices - 63% and 36%, respectively (according to research company Juniper Networks). As a result of the report "2011 NQ Mobile Security Report» in 2011 malware infected about 10.8 million Android counterparts around the world. During the same year, the number of threats increased from 500 species in January to 9900 - in December.
Not so long ago came Instagram app for Android, arranged before the boom on iOS. However, as was the case with popular applications like Angry Birds, Opera Mini, ICQ, Skype and others, scammers took advantage and created a wave of popularity of the so-called fake (fake) websites, with the aid of which the spread of trojans. One of the fake Web-pages designed for Russian users and distribute malicious software, in which getting into the phone starts sending SMS and subscription to costly mailing without user intervention. Another option is to spread fraud "fake anti-viruses." For example, the company Dr.Web warns that hackers are using fake antivirus of the company. Under the guise of an application you can download from the website created by virus writers Android.SMS.Send, whose goal is to send messages from charging higher premium rate numbers. Another of the highlights of recent examples was the disguise malware by updating the player Flash. Hackers are distributing a counterfeit version of a specially created website, similar to the official adobe.com. This resource has been updated description of deployed in Russian, and a link to the download page. In these examples, a new method of attack, known as Fake Installers, or "False installers" and become the fastest growing in 2011. The developers of malicious software download popular applications, insert malicious code, and then put the application back on the market. Another method is to update the application to a malicious version. Virus writers have put in a special component in the license application, allowing him to upgrade to the next, malicious versions. And the ability to download applications from non-official resources allows fraudsters to easily convince users to download an infected application.
SMS-phishing. Attackers use text messages to trick users into visiting a malicious or fraudulent website. In another way, this is called smishingom. Fraudsters send the victim a message containing a link to a phishing site and enter motivating him. Or are invited to send a reply SMS. In search of an example do not have to use the global network, as each of these experienced and open outside always find something. That is - from my phone: "You received a MMS. Viewing from a mobile on the link mms. ***. com ». Of course, one can guess that one MMS is actually not, and the site is infected with virus writers. Also, scammers disguise malware by sending information about upgrading applications. For example, in 2011 was publicized update message FakePlayer, which contained a reference to Trojan.-SMS.AndroidOS.FakePlayer. After installing the application has started to call premium rate numbers without user intervention.
Interesting applications. In this form of fraud, virus writers are based on the principles of social engineering. Whoever wanted to get something for free, "for free"? Quite often it is this factor is dominant in the creation of these threats. "Free Upgrade", "Hacking Wi-Fi», «Siri for Android». That is the name of the application based on the fact that the consumer would like, but that is impossible or unrealistic to create a certain point, or even illegally, and even if there is only "a miserable forgery or a copy."
Another popular kind of not less than are commercial spyware. A striking example was the application Carrier IQ, largely hidden from the user's eyes. The program has a rut right, therefore, can do whatever it wants without the permission of the owner of the device. CIQ is a tool for device manufacturers and carriers designed for the collection of statistical and analytical information. According to the very same company, the application is installed on 150 million devaysakh around the world.
Advertising modules. To place the earnings developers of games and applications adware. In most cases they are not dangerous to the user, but some of them are harmless and less. For example, the phrase "required an urgent upgrade of the system" can be taken for the system, but, instead, the user will receive a regular Trojan. Some modules behave very aggressively, collecting sensitive information, as well as adding shortcuts to the desktop and bookmarks in your browser.
Methods of protection
Bouncer - service of Google, used to scan Google Play for the presence of infected applications and games. According to the company, while working in text mode Bouncer number of malware dropped by 40%.
The latest version of the Android 4.0 Ice Cream Sandwich has been improved mechanisms for information security: the location of information structures in the address space of the process is changed, asking a random manner. Now, the attacker will be more difficult because he will not know exactly where in memory are the necessary software components. Another novelty was the introduction of API, through which developers can embed into their products mechanisms of control authenticates and safe sessions, as well as install and securely store user certificates.
Today, developed a huge number of anti-virus software for the platform, but, as the Independent Institute research lab AV-TEST, good work can boast a paid anti-virus software. Free antivirus software proved to be not at its best - the best result of detection was only 32%.
Anti-virus programs have a diverse set of functions. For example, ESET Mobile Security detects any signs of malicious activity in real time and provides quick and accurate check of all installed applications, files and folders on the presence of Trojans, viruses, worms, spyware applications and other malicious programs. There are also anti-theft system with which you can easily set the coordinates of the lost mobile phone. Tools Remote Lock and Remote Wipe allows to remotely block access to the lost device, and remove sensitive information from the memory of the usual SMS-message. To protect against spam, you can use "black" or "white" lists. Call Blocking will prohibit the unwanted incoming and outgoing calls.
Another software solution Dr.Web 7.0 is the availability of a new component Cloud Checker, which operates using the so-called "cloud" technology and is designed to test the options offered in your browser.
One of the best applications for protection against malicious software is also Kaspersky MobileSecurity. It features, in addition to standard functions, is to protect the phone from the "prying" eyes - others do not see what the user would like to keep secret.
There are other antivirus solutions, but to describe them all, I think it makes no sense, because, basically, they all perform the standard functions - search and discovery software intruders.
Conclusion
All the same, no matter how powerful or have security, viruses are written and complicated. And here the important role played by human factors.
By following a few simple steps, we can reduce the risk, and possibly avoid the overhanging threat over us.
And the rules are very simple:
- Download applications only from the official Google Plai;
- Carefully read the resolution, which requests that the application (after all, would be strange if the normal game will require sending messages);
- Install anti-virus protection;
- Do not store sensitive information on the phone;
- During the update the system;
- Pay attention to the battery level (if, suddenly, for no apparent reason, the phone is idle discharges may have activated a process);
- View a list of running programs and make sure they know you.
- Carefully read the resolution, which requests that the application (after all, would be strange if the normal game will require sending messages);
- Install anti-virus protection;
- Do not store sensitive information on the phone;
- During the update the system;
- Pay attention to the battery level (if, suddenly, for no apparent reason, the phone is idle discharges may have activated a process);
- View a list of running programs and make sure they know you.
No comments:
Post a Comment