So you’re interested in looking for a new app, but don’t know where to go or where to start? You go to the Android Market of course where you’re free to view thousands of available apps straight from countless developers! Sadly though, Android owners must remember to take great caution when checking out apps. As great as Android’s liberal policies for apps are, the policies may be a little too loose at times, allowing for questionable and suspect malware apps to sneak onto the Market. You might remember back in August how we pointed out McAfee reported the Android OS being the most popular target for mobile malware developers. While it’s unlikely most Android users will actually be affected by an infected app, the threat of your device becoming affected is still very much a reality. Artem Russakovski of Android Police shares this threat that will certainly raise an eyebrow or two. Read on about this noteworthy discovery and how to protect yourselves from something like this after the break.
Most Android users must realize the malware apps closely resemble normal apps. Take a look at the screenshot Artem found of a questionable MSN Messenger app found in Market below:
If you look carefully, you’ll notice something looks not quite right. Oh that’s right— the developer is MICROSDFT CORPORATION (note all caps!), not Microsoft Corporation. Moreover the app clearly requests permission to directly dial phone numbers without your intervention and the website listed is msM.com. The untrained eye may skim past those important details which may prove to be a costly error.
Artem’s article has proven to be helpful, but how does the average Android user know the red flags for Android malware apps? Here are some quick tips to spot a malware app and potentially avoid a major disaster:
Install An Antivirus App
This is a must for any Android user. Considering everything about the Android OS is open-source, anyone and everyone can whip up and create any type of code to share with the Android world, including Android malware. Scores of unfamiliar or susceptible users often fall victim to a malware infection. However, malware code has become more advanced and stealth in its appearance, meaning even the most experienced Android user can ultimately be affected as well. You don’t have time to worry about every app you check or download, so the simplest solution is to simply download an Antivirus app such as Lookout, AVG, Norton, or McAfee antivirus solutions. Each of these apps have their distinct advantages, run in the background, and automatically scans newly installed apps while alerting users of threats, potentially preventing trouble before you even open the new app.
Download From Trusted Companies/Developers
The average user will download from Market or the Amazon App Store almost exclusively. Although there are the few malware apps buried among the thousands of safe apps, it’s safe to assume you’ll find trustworthy apps from legitimate companies and developers. You will be able to find comments from users and read reviews if necessary. If the comments, ratings, and reviews vary, you’re safe as users who download apps have objective opinions. However, if you find comments with similar grammar or ratings, that might be the sign of a red flag, especially if you see hundreds or thousands of the same ratings/comments. Also you need to do your research on the developer. If the developer has contact info listed. Try to visit the developer’s website or email directly. If you email and get a bounce back or visit the website and find a website full of spam or even a blank page, that may be another indicator the app you’re looking at is questionable. Moral of the story, do your research on the developer or company and make sure they’re reliable and trustworthy before you download.
Check the Permissions
The average Android app will require minimal permissions. Generally speaking, apps in general will require access to Your Location, Storage, Network communication, and System tools among other things. One good rule of thumb is to check and see if the app requires more specific permissions. A developer may want access to services that cost you money which would directly call phone numbers and send SMS messages. In essence, the app would call numbers and you may receive countless text messages— which may add up to hundreds of dollars if you’re not careful. One more alarming permission a malware app my ask for is your GPS location. For those who are big on Facebook, Twitter, Google Maps, you may have your GPS permissions enabled as they are based on location searching or sharing. However most apps should not need access to your GPS location. Another big one is an app that requires Your personal information. Most apps should not have the need to add/modify calendar events, email to guests, etc. Always use your discretion and judgment to conclude if the app is safe or not.
Remember, Android users always have the right to check out an app’s permissions before they download and use the app. Right before you download the app, make sure you don’t see an excessive number of permissions like you see below:
If you download an app after skipping over the permissions page, it’s not a problem so long as you haven’t opened the app yet. You can view the app’s permissions by going to your Settings –> Applications –> Manage Applications –> Pointing to the app and scrolling down to see its permissions. If you find out an app has permission requirements that make you uneasy, remove the app right away. You will also have the ability to make others aware of Android malware by flagging the app after you install it. This is done by opening up Market on your Android phone, going to the app’s page, and choosing the Harmful to phone or data option under Other objection. Of course if you all ever see a piece of malware, report it to us and we’ll certainly be more than happy to make the Android streets one step safer for all.
[via Android Police]