About Thawte

News

Android, PC similarities make the OS vulnerable to malware

For a number of years now, the majority of mobile malware samples have targeted devices supported by the Android operating system. It seems reports of newly discovered malware strains focusing on the OS appear on a near daily basis, highlighting the need for boosted security measures.

However, Infoworld contributor Galen Gruman noted that while Android is one of the most vulnerable mobile OSs, it may not be their fault. One issue facing these devices is that its app store, Google Play, has relaxed security measures in comparison with other program markets. Gruman wrote that Android's app store does not perform as rigorous safety checks for apps, which results in a number of users downloading malware-laden programs to their mobile devices.

Gruman pointed out that Android's construction is fairly similar to that of a PC in that both operate on a shared filesystem.

"It allows people to install any apps they want. It lets apps work together," Gruman wrote. "Those are features we love in PCs...Guess what? You can't be open without opening the door to malware and spyware."

New pileup Android malware discovered
One such infection targeting Android users is a newly identified sample researchers are referring to as "pileup" malware, according to CITEWORLD. Source contributor Chris Nerney stated that the strain infiltrates a device when the owner downloads "a seemingly harmless app that is 'unprivileged,'" or requires little to no user permissions to function on the hardware. However, the program comes with a fatal "pileup flaw."

According to the IU System Security Lab team, these malicious applications are able to boost their harmful capabilities once individuals upgrade to a new version, and can carry out new abilities without notifying the user through permission requests. The team referred to this style of attack as "privilege escalation through updating," or "pileup flaws," as Nerney calls it.

A number of these apps have been identified already, and the IU team noted that they can appear in the Android application platform.

"Those flaws affect all the Android devices worldwide, posing serious threats to billions of Android users who are actually encouraged to update their systems," stated the IU System Security Lab team.

How to tell if an Android device is infected
As many malware strains are nearly invisible to users, it is important to know what to look for when it comes to mobile infections. According to ReadWrite contributor Catalin Cosoi, a quickly drained battery life can be a sign of malware infection, as well as dropped calls or "strange disruptions" during mobile voice conversations. Cosoi also advises regularly checking service bills for any suspicious charges, as some malware samples have been known to send messages to premium services for boosted rates.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

We have updated our Privacy Policy which can be found here.

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?