Last year, in order to combat a particularly insidious virus known as DroidDream, Google remotely deleted infected applications from thousands of Android devices. Apps that appeared legitimate were bundled with malware, then distributed via Google’s Android Marketplace. More than 50 infected Android apps were detected and removed. Since then, all app stores have reported infections or leaky applications.
Google recently released a service called “Bouncer” that analyzes apps on the Android Marketplace for known malware, spyware and Trojans, with the intent to protect users before they download a malicious app. Not only does this service analyze new apps that are uploaded to the marketplace, but also existing apps.
In addition, Google has its remote removal capability, which lets them remotely remove a malicious app from your smartphone or tablet. This app removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
You may consider Google’s ability to access your phone without your knowledge or consent to be a privacy violation. First, though, this is included in the terms and conditions to which you have already agreed, and second, Google is doing you a service and protecting you from potential identity theft.
Even app stores that vet their apps more thoroughly than Android are vulnerable to infection so here’s what you can do to minimize your risk from malicious apps:
- Only download apps from well-known reputable app stores
- Read reviews and check app ratings before you download an app
- Read the fine print and check what permissions the app is accessing
- Install a comprehensive mobile security product like McAfee Mobile Security which not only has anti-malware, but also scans your apps to determine the types and levels of access to your data and mobile functionality being granted.
With better insight, you can take control of your mobile security and data privacy.