Phones are essentially powerful mobile computers that contain vast amounts of valuable personal information. This article looks at how to tell if your phone has a virus, what to do if you think it has, and how to protect your phone.
Both a virus and malware are malicious programs, but in security terms, a virus is a type of malware that copies itself onto your device and malware, the general terms for malicious software, is a type of threat.
There are many different types of malware that can infect mobile phones, including:
– Banking malware, many of which are Trojans designed to infiltrate devices and collect bank login and passwords.
– Spyware, used to steal a variety of personal data.
– Ransomware, which locks the phone until the user pays a ransom.
– Mobile Adware, whereby “malvertising” code can infect a device, forcing it to download specific adware types which can then allow attackers to steal personal data.
– Crypto-mining apps, which use the victim’s device to mine crypto-currency. For example, in February 2019, security researchers at Symantec claimed to have discovered 8 crypto-mining apps in the Microsoft Store.
– MMS Malware, whereby attackers can send a text message embedded with malware to any mobile number.
– SMS Trojans, which can send SMS messages to premium-rate numbers across the world thereby landing the user with an exceptionally large phone bill.
Android phones are known to be vulnerable to malicious software that usually arrives via a malicious app that the user has downloaded, sometimes via the Google Play Store or an app from a third-party app shop. A recent Nokia Threat Intelligence report showed that Android devices are nearly fifty times more likely to be infected by malware than Apple devices.
For example, back in September 2019, Security researcher Aleksejs Kuprins of CSIS cybersecurity services company discovered 24 apps which had been available for download in the Google Play Store that contained spy and premium subscription bot ‘Joker’ malware. Also, in January 2019, security researchers discovered 36 fake and malicious apps for Android that could harvest data and track a victim’s location, masquerading as security tools in the trusted Google Play Store.
Android phones are also vulnerable to malware and viruses if users download message attachments from an email or SMS, download to the phone from the internet, or connect the phone to another device.
Reasons why Google’s open-source Android is vulnerable to malware include:
– The complicated processes involved in the issuing of security updates means that important software security updates often get delayed. This is because unlike Apple iPhones, there are thousands of different Android devices made by hundreds of different manufacturers, each with a range of hardware quality and capabilities.
– The open-source nature of Android, which is also one of its strengths in terms of scope and flexibility, can also lead to more human error and potential security holes.
Apple iPhones are generally thought to be much less at risk from viruses and malware because they have protections systems built-in which include:
– The need to go through the Apple App Store to download an app. Apple reviews each app for malicious code before it makes it into the store, thereby stopping an obvious method of infection.
– iOS “sandboxing” stops apps from touching data from other apps or from touching the operating system, thereby protecting a user’s contact and other personal data.
– The majority of iOS apps do not run as an administrator, thereby limiting their ability to do damage.
– Apple issues frequent updates to patch any known vulnerabilities, which everyone with a compatible device receives at the same time.
Although the vast majority of viruses/malware attacks on phones affect Google’s Android phone OS (97 per cent), and viruses are rare on Apple iPhones due to the built-in security measures, they are also still targeted by cybercriminals, and vulnerabilities in iOS platforms do exist.
– Phishing attacks e.g. bogus pop-up ads are used to trick iPhone users into downloading malicious software.
– Back in August 2019 a Google Project Zero contributor reported discovering a set of hacked websites (from February 2019) that were being used to attack iPhones to infect them with iOS malware and had most likely been doing so over a two-year period.
Some of the main signs that your phone may already have a virus/be infected by malicious software are:
– Unusual and/or unexpected charges on your phone bill e.g. additional texting charges.
– Your phone contacts reporting that they have received strange messages from you.
– The phone crashes regularly.
– New/unexpected apps are present.
– Apps crash more often than usual.
– An increase in the number of invasive adverts on your phone (a sign of adware).
– Slowing down of the phone and poor performance.
– Large amounts of data being used, without an obvious cause.
– The battery life is noticeably reduced.
If your phone is infected with a virus, take the following steps:
– Switch the phone to airplane mode to stop malicious apps from receiving and sending data.
– Check the most recently installed apps against the listed number of downloads (in the App Store and Google Play). Low download numbers, low ratings and bad reviews may indicate the need to delete the app.
– Install anti-virus software and carry out a scan of your handset.
– You can also contact your phone’s service provider or visit the high street store if you think you have downloaded a malicious/suspect app
If you suspect that your iPhone may be infected:
– Check your apps and delete any unwanted ones.
– Clear the phone’s history and data, and restart.
– Consider installing mobile anti-virus software.
Prevention is the best form of cure, and the steps you can take to ensure that your phone is both secure and not infected with a virus include:
– Using mobile security and antivirus scan apps.
– Only using trusted apps / trusted app sources.
– Check the publisher of an app (which other apps they have created), check the numbers of installations and positive reviews before installing an app, and check which permissions the app requests when you install it.
– Uninstalling old apps and turning off connections when not using them.
– Locking phones when they are not in use.
– Not ‘jailbreaking’ or ‘rooting’ a phone.
– Using 2-factor authentication.
– Using secure Wi-Fi and VPN rather than just the free Wi-Fi when out and about.
– Being careful with email security and hygiene e.g. monitor for phishing emails and not clicking on unknown/suspicious attachments and links.
– Being careful with security around texts, social media messages and ads.
With apps being the source of many infections of phones, there is an argument that there is responsibility among mobile app developers and those commissioning mobile apps to ensure that security is built-in from the ground up. This should mean making sure that all source code is secure and known bug-free, all data exchanged over app should be encrypted, caution should be exercised when using third-party libraries for code, and only authorised APIs should be used.
Also, developers should be building-in high levels of authentication, using tamper-detection technologies, using tokens instead of device identifiers to identify a session, using the best cryptography practices e.g. store keys in secure containers, and conducting regular, thorough testing.
If you train yourself to regard your phone as another mobile computer (that probably has a lot more personal data on it) that can be targeted by cybercriminals and needs protection, and are cautious regarding apps, emails, texts and adverts, then you are less likely to end up with a damaging virus/malware program on your phone.