How does Android malware spread?

An Android device can be infected with malware in several different ways. The following are some of the possible ways:

  • Repackaging legitimate application: This is the most common method used by attackers. First, the attacker downloads a legitimate application and disassembles it. Then, they add their malicious code and reassemble the application. The new malicious application now functions exactly as the legitimate application does, but it also performs malicious activity in the background. This kind of application is commonly found in third-party Android app stores and is downloaded by many people.
  • Exploiting Android vulnerabilities: In this scenario, an attacker exploits the bugs or the vulnerabilities that are discovered in the Android platform to install their malicious application or to perform any unwanted actions. For example, installer hijacking, which was identified in 2015, has been exploited by attackers to replace an Android application with malware during installation.
  • Bluetooth and MMS propagation: Malware is also spread via Bluetooth and MMS. The victim receives the malware when the device is in discoverable mode, for example, when it can be seen by other Bluetooth-enabled devices. In the case of MMS, the malware is attached to the message, just like how computer viruses are sent through email attachments. However, in both these methods, the user has to agree, at least once, to run the file.
  • App downloading a malicious update: In this case, the app that was originally installed does not contain any malicious code, but a function present within the code will download malicious commands at runtime. This can be done via a stealthy update or user update. For example, the Plankton malware uses stealthy updates that directly download a JAR file from a remote server and do not need any user permission. In the case of user updates, the user has to allow the app to download the new version of the app.
  • Remote install: The attacker may compromise the credentials of the user's account on the device and thereby remotely install apps on the device. This generally happens in targeted scenarios and is less frequent compared to the previous two methods we just described.

Now that we've looked at the possible ways in which the Android malware can spread, let's try to identify the presence of malware in your device.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.135.202.224