For years now we’ve been drilling into readers’
minds the importance of antivirus software, but
times are changing and whereas previously many
of their computing tasks took place on a desktop
system they now take place on a phone or tablet.
Android viruses have hit the headlines before,
leading users to think installing some sort of security
software is a good idea. And it goes almost without
saying: the more popular Android becomes the more
of a target it is for the bad guys. But do you really
need to install a resource- and battery-hogging
antivirus app on your phone that is going to plague
you with irritating notifications?
In almost all cases, Android phones and tablets do
not need antivirus installed. Android viruses are by no
means as prevalent as media outlets may have you
believe, and your device is much more at risk of theft
than it is a virus. But it is true: Android viruses do exist.
The vast majority of known Android viruses have
been installed on the back of dubious apps – apps
you will no longer find in the Google Play store. By
default Android does not allow you to install apps
from other sources, so there’s no chance of you
accidentally installing something nefarious.
Supposing a dodgy app does find its way into the
Google Play market, Google will quickly pull the app
and uninstall it from your device. But what if it comes
back? Symantec has found at least seven malicious
apps on the US Play Store that were pulled and then
reappeared under new developers with new names.
If you are installing apps outside of Google Play,
installing an Android antivirus app is one way to keep
yourself safe. False-positive results are common with
such apps, however, so you may find your AV app
reports an app as dodgy when it’s actually harmless.
In these cases, taking other precautions can be a
more appealing way to safeguard your device from
Android viruses.
Such precautions range from carefully checking
any requested permissions before agreeing to them,
avoiding cloned apps and keeping Android up to date
(with all security patches applied).
Unfortunately, it turns out that even if you update
your Android device, it may not be as up to date as
you think. Security Research Labs has published the
results of an in-depth study in which it claims several
big-name vendors are guilty of saying they’ve rolled
out important patches when they haven’t.
The worst offenders on its list are Alps, TCL, Oppo
and ZTE, which it says have missed four or more
critical and high severity patches on the claimed patch
date. With two to four misses are HTC, BlackBerry,
Asus, Fairphone, LG, Huawei and Lenovo. With one
or two are OnePlus, Wiko, Xiaomi, Nokia, Motorola
and Honor. Those in the good books with either
zero or just one missed patch are Google, ZUK,
LeEco, Samsung, Sony and BQ.
You should also keep your wits about you,
and apply a healthy dose of common sense. You
wouldn’t click on an attachment in a dodgy email
from a sender you don’t recognize on your PC or
laptop, and we hope you would apply that same
thinking to suspicious links sent in Gmail on your
phone or via WhatsApp or Facebook Messenger.
Typically, these type of links are associated with
phishing scams, but that doesn’t mean they won’t
install a virus on your device.
(Incidentally, if you find your Facebook or email
account has been sending these sort of messages to
your contacts you should immediately change your
passwords, and preferably contact those people and
warn them to ignore it.)
Supposing your Android phone or tablet does start
acting oddly and you have reason to believe malware
is at play: a factory reset is all that’s required to get it
back to normal (one reason why it’s a good idea to
always back up Android). But if you don’t fancy wiping
your device we have also issued some handy tips on
how to remove an Android virus.
In many cases users report to us that they are
seeing suspicious pop-up ads in their browser, or
they are being redirected to a different home page to
that which they configured in the settings. Our usual
advice is to clear out the browser’s data cache (in
Settings > Apps > Chrome > Storage). You can also
read more about how to block pop-up ads in Android.
It’s worth pointing out that antivirus apps for Android
often have other useful benefits, such as the ability
to remotely lock or wipe a lost or stolen phone, or
backup and cleanup tools. All these tools are available
elsewhere – usually via free apps – but for ease of use
it can help to have everything in one place.
Avoid dodgy Android antivirus apps
Just before Christmas we learned of the Loapi trojan,
which was spreading itself through advertising
campaigns under the guise of antivirus solutions
or apps. It’s awful to think that an app you install to
protect yourself is actually going to do the opposite,
but one of the ways in which Loapi works is by
putting such a heavy workload on the phone that it
causes the battery to overheat, destroying the device.
Loapi can also send out text messages on your
behalf, subscribe you to paid services without
your knowledge, allow attackers to execute
HTTP requests for DDoS attacks, and mine the
cryptocurrency Monero.
Loapi prevents a user from uninstalling it by
blocking the screen and closing the window when
you try to remove its admin rights. It will also
prompt you to remove other security apps that
might be able to detect and remove it, and keep
hassling you about it until you give in.
You don’t need an antivirus app installed to
protect you from Loapi, but it may help you to detect
its presence. Other things you should do include
disabling the ability to install apps from unknown
sources, and keep your operating system up to date.
