There are many posts on Smart Thinking highlighting malicious Android apps and I am constantly reminding you that if you have Android devices in your bring-your-own-device (BYOD) scheme then you need to take positive steps to manage them. Even if they are not your devices, they will have your information on them.
Here is an excellent article by Dan Goodin on Ars Technica that discusses the risks.
Potentially millions of Android TVs and phones come with malware preinstalled | Ars Technica
Overall, Android devices have earned a decidedly mixed reputation for security. While the OS itself and Google’s Pixels have stood up over the years against software exploits, the never-ending flow of malicious apps in Google Play and vulnerable devices from some third-party manufacturers have tarnished its image.
Dan Goodin, Ars Technica
The article includes evidence from Trend Micro, TechCrunch and Sophos that a range of low-cost Android devices are supplied with malware already installed and that it is nearly impossible for users to remove it! As many as 8.9 million phones across 50 brands were infected with Guerrilla malware.
This malware gets regular updates, whilst installed and steals information that the threat actors then sell onto advertisers. The malware also installs aggressive advertising platforms that can have an adverse effect battery life.
But Guerrilla does not stop at advertising, there are plenty of plugins available to add malicious functionality, such as hijacking WhatsApp, injecting ads into legitimate apps or installing any other malware the threat actor wants.
Have a read it will make you think about BYOD and Android devices.
This advice applies to Apple as well
And just before we go on – Apple devices also need the same management. May be not for the same reasons – their Walled Garden App Store does a pretty good job of stopping malware – but it is still your information on someone else’s device.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Apple’s report into how it stops App Store crimes – Smart Thinking Solutions
NCSC warns of risks with App stores – Smart Thinking Solutions