Android malware waits … and waits … to trick users

Usually if a user downloads a malicious app, it’s pretty clear right away that something is seriously amiss. For that reason, attackers are getting smarter, according to recent findings. 

Graham Cluey reports a new trend among malicious apps in the Google play store. When users download a game or other app, it works as advertised right away.

But over the course of a week or so, an embedded feature kicks in – and suddenly users find themselves getting a warning message that they need to update their systems every time they unlock their phones.

For savvy users, this constant pop-up is annoying. Those who aren’t as aware of their devices might take the bait and be tricked into downloading malicious content.

In either case, the delayed time from downloading the app to when the ads begin appearing represents a serious problem: With the messages appearing long after the app is downloaded, it can be difficult to tell which app is responsible for the spam messages.

Words to the wise for Android users

Google has taken the offending apps out of its Play store, but more will likely try to copy this strategy in the future. Here are some steps you may want to advise your mobile users take:

  • Be wary of popups. No official message about your phone will come from a pop-up window. Updates would be provided the same place they always are.
  • Check permissions. If an app is asking for more access than you’re comfortable giving out, don’t install it. If it wants even more permissions after it’s been installed, delete it.
  • Look at ratings. Companies will often try to juke the stats, making it look like there are more downloads or higher ratings than it actually has. But for the most part, it’s easy to tell if an app has actually earned its accolades or not (and keep an eye out for other reviewers reporting problems).

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy