Buying a cheap smartphone? Malware comes free

Cybercriminals are easily able to penetrate smartphones via malware and are continuing to do so through apps, especially those preinstalled on cheaper mobile devices.

Online security firm Kaspersky has once again flagged off concerns that malware inside mobiles are on the rise, and to such an extent that some countries in the region have made it to the list of top 20 affected in the world.

The number of cyber-incidents detected by Kaspersky Lab’s products in the Middle East during the first quarter of 2016 was 15 per cent more than in the same period of 2015.

According to it, growth in use of mobile services in the region has lured cybercriminals to develop new innovative methods and tools to invade into a smartphone.

“Infections of mobile malware were most efficient for cybercriminals when they happened via malware in mobile applications from app-stores and the presence of malware in the initial software pack of the phone, which was the case with inexpensive devices,” it said in a recent analysis.

The issue gained prominence last March when mobile security firm Bluebox said it found malware pre-loaded on Xiaomi, which the smartphone maker later dismissed as counterfeit devices.

Then came several other security firms who found more smartphones at least 26 brands, which included prominent names like Huawei and Lenovo that came with pre-installed malware, capable enough to spy on the user and steal data.

Almost all smartphone-makers have dismissed the reports and denied that no malwares were pre-installed by them.

The spyware disguised in popular Android apps such as Facebook and Google Drive resides inside the phone's firmware and cannot even be removed or uninstalled unless the devices are unlocked.

According to Kaspersky Lab statistics in the first quarter of 2016, some countries appeared in the top 20 worldwide by the share of users who faced incidents on their smartphones: Egypt took 13th place with about 12 per cent followed by Turkey at 14th spot with 10.7 per cent.

Security firm Symantec has also announced that in 2015 alone there were 430 million new malware variants discovered, a 36 percent increase from the previous year. According to it, professional cybercriminals are leveraging their vast resources in attempt to overwhelm defenses and enter corporate networks through any means possible.

Meanwhile, Google last week released its latest Android Security Annual report and said it has been scanning a whole lot of apps and devices everyday to ensure that mobile phones running on its operating system are safe.

Releasing some numbers it said it scans over 6 billion apps and 400 million devices everyday to constantly monitor and secure the Android ecosystem. “Greater transparency helps drive a well-informed discussion about security, and from there, more safety for all users. We'll continue our ongoing efforts to improve Android’s protections, and we look forward to engaging with the ecosystem and security community in 2016 and beyond,” said Adrian Ludwig, Lead Engineer, Android Security.

Google said its use of both on-device and cloud-based services has provides Android devices using its services with flexibility to improve security in ways that are not possible within a traditional client operating system.

According to the company. the endpoint protections it provides include preventing installation of Potentially Harmful Applications, enabling users to protect a lost or stolen device, protecting users against potentially harmful websites, simplifying the user-authentication process, and even helping third-party applications check the security of a device.

"In 2015, we increased our understanding of the ecosystem using automated systems that incorporate large-scale event correlation and machine learning to run more than 400 million automatic security scans per day on devices with Google Mobile Services," the report said adding that the number of successful exploitation of vulnerabilities on Android devices continued to be extremely rare during 2015.

The largest threat was installation of Potentially Harmful Applications (PHAs), or applications that may harm a device, harm the device’s user, or do something unintended with user data. On average, less than 0.5 per cent of devices had a PHA installed during 2015 and devices that only installed applications from Google Play averaged less than 0.15 per cent, the security report by Google said.

Combing its own software and third party applications the scans were not only able to detect apps with malware while they are being installed, but also check on pre-installed applications.

“Ongoing protection by Verify Apps, which scans for PHAs, and SafetyNet, which protects from network threats—as well as actions taken by the Android Security Team—helped stop the spread of PHAs like Ghost Push and reduced Russian fraudware by over 80 per cent. We also released the SafetyNet Attest API to help developers check device compatibility and integrity," it says.

It further enhanced its safety elements and expanded its platform security technology with the launch of Android 6.0 which also made encryption mandatory for all devices capable of supporting fingerprint scanners, "Most new devices with Android 6.0 have a hardware root of trust and provide a verifiable good boot state. We introduced support for device fingerprint sensors, improving user security through ease of use. We changed the permission model so that users can see, grant, and revoke permissions for applications at a granular level, allowing for better control of the data and capabilities that each application can access," it said.