Bad actors are targeting Android users with malicious apps that load unwanted ads and even banking trojans, according to mobile security experts.
Ondrej David, mobile threat analyst with cyber firm Avast, said having an infected mobile can be “a true annoyance or even severe security risk”.
“Mobile malware, and adware in particular, often comes in the form of a gaming or entertainment app that seems harmless, but what users are unaware of is that their device is doing malicious activities in the background,” he said.
The main form of malicious app distributed to Androids is adware, making up around 45 per cent of Android malware Avast spotted in the first five months of 2021.
Adware is typically delivered through apps that appear legitimate but when downloaded litter the screen with intrusive and irrelevant advertisements both inside and outside the app.
While they may seem like just an annoyance, Avast warns adware may also come with further malicious code that forces the device to automatically click on ads or even subscribe the user to unwanted premium services.
A recent malware was found by Kaspersky to use accessibility settings to post fake positive reviews on other apps in the Google Play store, further disguising dodgy app activity by giving bad apps five-star ratings.
Banking trojans have been another common threat facing Android users this year with these apps once again tricking users into thinking they are legitimate apps by faking a banking app’s login screen or using a financial institution’s logos and branding.
Avast’s advice for avoiding dodgy Android apps is to first make sure you only use official app stores like Google Play.
But these systems aren’t perfect and sometimes malicious code sneaks past app store’s security measures.
The Joker malware – which signed unwitting users up for premium subscriptions – was bundled into 24 apps which had been downloaded 500,000 times on the Google Play before they were removed.
It’s important when downloading apps to also keep an eye out for the app ratings, being especially wary of apps with a lot of five and one star reviews claiming the app is both a dud and super fantastic.
You also want to check an app’s permissions before downloading it. If the app is asking for access you suspect it probably doesn’t need in order to work, it may be worth reconsidering or digging a little deeper.