Familiarity with common malware on cell phones

What is Malware?

Malware is code or a program that performs malicious acts on a victim's system without his or her consent. Malware is categorized under different names according to its behavior or goals. For example, malware that demands a ransom in exchange for the victim's data is called ransomware, and malware that can infect other systems by exploiting software vulnerabilities without user interaction is called a worm.

The table below lists the different kinds of malware:

Table 1

Type          Meaning
Trojan        Presents itself as a normal program or piece of software.
Spyware       Steals your data or spies on your activities.
Rootkit       Advanced malware whose goal is to stay hidden and avoid detection.
Botnet        Malware whose instances form a network among themselves.
Ransomware    Demands a ransom in exchange for your information or data.
Worm          Malware that can infect other systems remotely or without user interaction.
Virus         Malicious code that infects executable files and can infect other systems by traveling with those files.

Given the damage malware can cause to its victims, it is crucial to know the different kinds of malware and which ones are rampant.

To that end, the table below lists malware that targets cell phones:

Table 2

Type               Name
Botnet             Dresscode
Worm               Android/Samsapo
Virus              Shedun
Trojan             Acnetdoor
Ransomware         Ramnit
Botnet             Lena
Worm               Selfmite
Trojan             FakeDoc
Trojan             JollyServ
Botnet & Trojan    Ksapp
Trojan             Kidlogger
Trojan             SMSilence/SMSCatcher
Botnet             TigerBot
Spyware            Smack
Botnet             Saiva
Botnet             Loicdos
Ransomware         Locker/SLocker Ransomware
Spyware            GPspy
Spyware            Finspy

The most common Android malicious apps will do at least one of the following:

  •  Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
  •  Send SMSs to premium-rate numbers
  •  Subscribe infected phones to premium services
  •  Record phone conversations and send them to attackers
  •  Take control over the infected phone
  •  Download other malware onto infected phones
  •  "Push notification ads" delivering alerts to a phone's notification bar – when the user swipes to pull down the notification bar from the top of the screen, an ad shows up under Notifications.
  •  "Icon ads" inserted onto a phone's start screen – when the user touches the icon, it usually launches a search engine or a web service.

Then what can we do to prevent infection?

  •  Avoid clicking on unknown or suspicious links: Malicious links may carry malicious code, and clicking on them can cause that code to be executed on your cell phone.
  •  Do not jailbreak or root your phone: Jailbreaking or rooting exposes your cell phone to malware because it removes the security limitations imposed by the operating system vendor. To "jailbreak" or to "root" means to gain full access to the operating system and its features. This also means breaking the security model and allowing all apps, including malicious ones, to access the data owned by other applications.
  •  Keep device operating systems up to date: Regular operating system updates close most vulnerabilities, thanks to the security patches distributed by Google, Apple and other mobile vendors.
  •  Encrypt your devices: The risk of losing a device is still higher than the risk of malware infection. Fully encrypting the device makes it incredibly difficult for someone to break in and steal the data. Setting a strong password for the device, as well as for the SIM card, is a must.
  •  Encourage users to install anti-malware on their devices: Most malware is thwarted by installed anti-malware. However, none of these products guarantees 100% protection against malware.
  •  Back up your data: Doing so ensures that your data is safe if your cell phone is infected.
  •  Configure your cell phone securely: Misconfiguration is one of the ways a mobile device gets infected. For instance, installing software from unknown sources must not be allowed. Your device should also lock automatically when it has been idle for a specified period of time. In addition, it is strongly recommended that you disable automatic connection to untrusted wireless networks.

And what should we do if the phone gets infected?

  •  Install an anti-malware product and scan your device with it in order to disinfect your mobile.
  •  Changing your passwords (bank passwords and email passwords, for example) is strongly recommended after an infection, because the attackers may have captured them.
  •  Change your habits, because the source of the malware is not precisely identified. Your behavior towards your cell phone should therefore change immediately. For instance, DO NOT install applications without understanding their permissions beforehand. Do not use cracked applications. Last but not least, do not click on suspicious links sent via SMS or social networks, for example.
  •  Your cell phone may still be infected even after scanning it with anti-malware. In that case, a factory reset is recommended. Note, however, that this erases all the data on your phone, which underlines the importance of backing up important data before an infection occurs.
  •  Even after resetting your cell phone to its factory configuration, there is a slight chance that it is still infected. Flashing your cell phone is the final approach in that case. Some malware resides at kernel level, where a factory reset does not remove it. Flashing erases everything on your phone and installs a new operating system on it.
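
The behaviours listed earlier and the advice to understand an application's permissions before installing it meet in the app's manifest, where those permissions are declared. The Python sketch below is an added example, not part of the original article: it assumes the manifest has already been decoded to text XML, and the behaviour-to-permission mapping, the function names and the sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Article's behaviour list -> enabling permissions (a match is not a verdict).
BEHAVIOURS = {
    "collect location, contacts, accounts": {
        P + "ACCESS_FINE_LOCATION", P + "ACCESS_COARSE_LOCATION",
        P + "READ_CONTACTS", P + "GET_ACCOUNTS"},
    "send SMS / premium subscriptions": {P + "SEND_SMS", P + "RECEIVE_SMS"},
    "record conversations": {P + "RECORD_AUDIO"},
    "take control": {P + "BIND_DEVICE_ADMIN", P + "BIND_ACCESSIBILITY_SERVICE"},
    "install other apps": {P + "REQUEST_INSTALL_PACKAGES"},
    "start-screen icons": {"com.android.launcher.permission.INSTALL_SHORTCUT"},
}

# Constructed sample: a "flashlight" app asking for far more than a light needs.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application>
    <receiver android:name=".Admin"
        android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>"""


def declared_permissions(manifest_xml):
    """Permissions requested with <uses-permission> or bound on components."""
    found = set()
    for elem in ET.fromstring(manifest_xml).iter():
        if elem.tag in ("uses-permission", "uses-permission-sdk-23"):
            found.add(elem.get(ANDROID + "name"))
        elif elem.tag in ("receiver", "service"):
            found.add(elem.get(ANDROID + "permission"))
    found.discard(None)
    return found


def review(manifest_xml):
    """Return {behaviour: [matching permissions]} for the given manifest."""
    perms = declared_permissions(manifest_xml)
    return {b: sorted(perms & w) for b, w in BEHAVIOURS.items() if perms & w}


if __name__ == "__main__":
    print(review(SAMPLE_MANIFEST))
```

A flagged behaviour only means the app is able to do it; the question for the user is whether the app's stated purpose explains the request.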