Hello. These days it’s no secret that viruses, sooner or later, “settle down” in smartphones. Most users have practically stopped working on archaic PCs, preferring to use messengers, applications and other pleasures of life on a smartphone. Virus writers have not ignored the mobile device market either: not so long ago, a virus was launched that intercepts access to an online bank without the owner’s knowledge.
Technically, the problem is that two-factor authentication (a confirmation code sent by SMS) was originally intended as a reliable barrier against malicious applications and viruses. That barrier has now been broken: because the message arrives on an already infected device, intercepting the access code and withdrawing the user’s money is not so difficult. So let’s look at modern smartphone protection systems and find out which antivirus for Android is better.
The development of malware on mobile devices
In general, the topic of viruses is almost boundless, because the flooding of the smartphone market by European manufacturers (recently joined by the Chinese) has led viruses for Android to slowly evolve. There is a general trend here: the more users move away from computers and start using smartphones, the more often malicious programs appear.
After all, the mobile device market and its common infrastructure (you can use your phone to manage funds, communicate on social networks or in messengers, or just to work) is a tempting target for all sorts of malicious users. With a tablet or smartphone, a modern person makes life much easier.
And, as they say, “a place never stays empty”: the popularization of portable mobile devices has attracted many fans of “making money” in not the most honest way. This did not go unopposed: the market now has plenty of antiviruses for Android, designed to protect both the gadget itself and the information.
How did it all begin?
In general, the appearance of cell phones (even silent phones) multiplied the attempts to introduce third-party malware into the firmware many times over. But the features of the software platform plus the closed file system (Nokia, for instance) left practically no chance for any kind of malware.
The fact is that viruses on Windows appeared precisely because the features of a traditional computer operating system allow full interference with the system files that ensure stable operation. Unprotected ports, general illiteracy and other signs of mass computerization provided wide scope for “combat” actions against the user and his computer.
But try doing something with a Nokia or Samsung push-button device. Not only did they run on a separate software platform (very different from traditional operating systems), there were also many barriers for the average user (the Korean E250, for example, did not even allow music to be transferred from the phone to a flash card). And playing music files from a flash drive was a pipe dream. All in all, a closed mobile platform is technically very different from the usual computer architecture.
Consequently, the smaller the shell, the easier it is to control. It goes without saying that qualified developers of mobile platforms could be counted on the fingers of one hand. Almost all of them worked in the production of mobile devices and smartphones, because knowledge of such a highly specialized field was hardly useful anywhere else.
Such limitations were cured by patches and other software add-ons, which were often developed by ordinary programmers “from the people”. Most of these activists studied the mobile platform on their own, with no relevant education. Nevertheless, the “people’s” contribution can hardly be overestimated.
It is worth noting that this situation was not observed everywhere: Siemens Mobile, in the twilight of its history, released a line of mid-segment cell phones (65-75 series) with very crude software, which in the end only played into the hands of enthusiasts upgrading their gadgets on their own.
While the company waged internecine wars, folk craftsmen wrote entire utilities and scripts, exposing a huge layer of unfinished software solutions. A large community of patch writers and ordinary fans gathered around the German devices of that time. To understand the scale of what was happening, it is enough to know that on several phone models from the aforementioned series they managed to increase the amount of internal memory (which to others seemed more like fantasy than reality).
In fact, there was no magic in it – by cutting part of the platform (by removing some system graphics and a few blocks in the firmware) it was possible to increase the amount of internal memory by 1-2 megabytes. In today’s era of Android and iOS supremacy this seems ridiculous, but at that time phone memory was limited to 10 megabytes, which made the upgrade a really useful procedure and the increase was quite tangible.
The peculiarities of the Siemens file system did, after all, open the way to the first malicious programs. The ability to customize the software shell (with themes including original screensavers, application animations, etc.) led to one of the first malicious files appearing on Siemens phones. The already crude firmware was killed by a modified theme file. Specifically, a video reformatted for the color scheme knocked the phone into a deep sleep as soon as the user tried to install the new design by running the file.
From my personal experience: the staff of one of the company’s regional service centers were unable to repair a cell phone “killed” in this way and replaced it with a new one under warranty. Fortunately, such files were not widespread, because the infrared port (which was the main means of file transfer at the time) was very limited and Bluetooth was used mainly by devices in the premium segment. Back then, no one even knew what a mobile antivirus was.
The collapse of i-mode
The entertainment service i-mode made it possible to download files and participate in various discussions in real time. At the moment of one of these votes, the devices of quite a number of network members started calling the police station on their own, without human intervention. As usual, the network was overloaded. About 500 calls were registered. A detailed analysis found that the operator had left a software “gap” in i-mode during development and debugging of the service, which attackers immediately used (the last similar case occurred not so long ago, in 2016; this time the attack was stopped by AVG antivirus).
The cause and motives of the attack were never determined, and the hysteria slowly died down. By the way, despite persistent attempts to introduce this technology, MTS specialists never managed to adapt it either in Russia or in the former Soviet republics, and therefore the Japanese scenario could not be repeated in our country. In part, the domestic user “rejected” i-mode because devices with such functionality were not very popular and very few of them were produced (the domestic market saw only 3 models from NEC, 3 from Samsung, 2 from Sony Ericsson and only 1 from LG). We, at least, liked the good old WAP, and later GPRS and CSD.
Returning to the products of the German manufacturer, well known at the time, we can say that not only the last generation of phones, but also the earlier series (x35).
It is not known exactly how the system problem with SMS encoding came to light, but the consequences were quite deplorable. The owner received a message, and after opening it the phone froze (permanently). Fortunately, in that case the cell phone did not fail the way later models did because of the modified color scheme, and it was “reanimated” by changing the SIM card.
Back in 2006, the reliability of the Java machine (the environment for launching mobile games) was called into question. It is worth mentioning that writing viruses for phones was difficult partly because application executables worked only with J2ME and did not interact with the system. One of the first Trojans was RedBrowser, which caused a lot of trouble for software developers and users alike. It used Bluetooth as a distribution channel between devices. However, installing an antivirus on a gadget was out of the question, due to the nature of the platforms of that time.
Devices running this already full-fledged mobile OS were released in 2001 and 2003, though at that time more as an experiment. It was here that those who loved to wreck phones really “let loose”. Cabir, a malicious file discovered in 2004, can be considered the pioneer. It traveled between devices in the form of a SIS system application. Somewhat later, versions appeared that were embedded in messengers and other smartphone software. It did not cause much harm, but it spread very aggressively.
Next, smartphone users encountered a real problem: the Skulls Trojan. It interfered with the operation of system apps and replaced stock icons with its own. It did not affect user utilities, which left plenty of ways to get rid of it with an ordinary file manager.
One of the most notable pieces of malware on the Symbian platform is “Fontal”. This malicious file blocked the task manager, changed the system font and crashed the device after a reboot attempt. The data could no longer be recovered and the phone had to be completely formatted. Interfering with the operating system was not enough, and later there appeared programs capable of sending SMS messages without the user’s knowledge, which at best exhausted the funds on the account, and at worst drove the user’s account into a huge debt to the mobile network operator. Most of these “pests” were developed for OS version 6.x. An antivirus, as you can imagine, would not have been able to cope with this, and there were no such antiviruses at the time. The system was exposed to so many threats that it was time to compile virus ratings.
Later versions were affected too, albeit not to such an extent.
Surprisingly, unlike the first generation of smartphones, communicators were much less affected. The secret lies in the specific architecture of the platform, and in the fact that the first PDAs (running WM 2003 and earlier versions) used ordinary CAB files and utilities running on the Java machine as the application environment. By the way, antivirus for PDAs already existed at that time. However, some pocket computer owners picked up one of the virus utilities back in 2004. The Duts virus was virtually harmless and extremely “polite”. The moment the infected file was launched, a message appeared asking “Dear user, will you allow me to reproduce myself?”
It was more of a prank, unlike on Symbian smartphones, which had already been hit very hard by all sorts of malware. Almost immediately, however, Kaspersky Lab announced the discovery of a backdoor called “Backdoor.WinCE.Brador.a”, which put the entire communicator under its control. Once the device was infected, the attacker had full remote access to the system and all data. At the moment of infection, alternate ports were opened in case the infection was detected. For instance, commands were issued through port 44299.
Further development was not as disastrous as on smartphones, which, in general, saved WM users a lot of problems. And the timely release of new versions of the OS (6.0) negated the already dismal efforts of virus writers.
Now we are smoothly approaching the main topic of conversation – antivirus for Android.
Surprisingly, the vast experience accumulated by virus creators and the schemes tested on almost all mobile platforms and operating systems did not lead to a rapid virus landing on “green robot” smartphones. Why this happened is not known for certain; perhaps the reason is that the OS, new at the time, had a very complex architecture (compared to Symbian) and the development team took care of the security problem in advance, which was a very forward-thinking act.
One way or another, gadgets running Android now share the leading position with Apple’s well-known products on iOS. However, the lull turned out to be deceptive: it is simply that before version 2.3 there was nothing particularly malicious on the horizon. That version of the system was just beginning to move devices to the top of the list. Most likely, this was also because it took virus developers a long time to study Android in detail and work out any functionality, since they had to literally reconsider their basic approach to writing viruses.
It all started very typically: after the release of the Android SDK betas in 2007, some amateur developers started writing malicious SMS-reading utilities. The BFM research team caused a big stir at the time, predicting a huge number of possible directions for Android virus writing. As with the first smartphones, these “games” were all quite harmless (remote access to the device, location detection); it was just getting started. One of the first viruses was an app that imitated an unofficial bank client. It appeared in 2010 on the Marketplace and simply collected credit card data.
The foundations for spreading malware were laid along with the creation of an app store. Play Market was identified as the main vector for distributing programs and games. Accordingly, malware authors first of all tried to spread virus software in the “official” way, which, by the way, was a very effective decision. Subsequently, Android smartphone owners would install a considerable number of fake applications, losing not only data but also money. Antivirus programs at the time were not yet fully developed, and the overall picture was not yet clear.
The first Trojan appeared in 2010. It sent SMS messages to paid gateways, and was probably written in half an hour or so by a more or less experienced programmer. It was called Trojan-SMS.AndroidOS.FakePlayer.a and was disguised with a video player icon. The authorship belongs to domestic virus writers, since the paid numbers, as is not hard to guess, were traced back to domestic aggregators. (In 2017, there were several mass infections based on a similar scheme.)
It appeared at the end of 2010 and was a serious piece of malicious code capable of embedding itself in regular games or programs. The user had no idea the device was infected, which pointed unambiguously to a serious effort to create and distribute it. The executable was well camouflaged and the coordination from the remote server was encrypted. However, the use of the DES algorithm indicated that the malware was run by amateurs and not professionals. Nevertheless, none of the antiviruses for Android available at the time could even detect the presence of the program, let alone determine whether it was malicious or not.
After that, virus developers pounced on the app market, which really got on the nerves of the service’s moderators. The trend of spreading malware through Play Market continues, as it is the main way to distribute programs on Android smartphones. Since then, a hundred or two different forms of hijackers and Trojans have appeared, and the battle for security is getting fiercer and more sophisticated.
What is the best antivirus for Android?
To protect against malicious programs, you need an antivirus. It helps protect your device from unauthorized access. Some manufacturers equip their devices with a built-in utility for data protection – for example, Samsung releases a KNOX-based security manager with which you can protect your device. The undisputed leader is considered to be Kaspersky Internet Security. The company offers ready-made solutions for PCs, terminals and Android smartphones and tablets.
Kaspersky Lab offers a free version that is fully functional for exactly one month. After that the user is prompted to install a license. You can download it from the Market or the official site without registration. The antivirus functionality allows you to set up a list of blocked contacts, analyze messages, and scan the system for malicious and suspicious programs.
In addition, the system starts scanning media and internal memory on its own, but only if the program has a purchased license. A trial version with future 2018 functionality is coming soon. Numerous reviews confidently keep Kaspersky Anti-Virus in the top positions of the rankings.
CM Security Master.
An easy-to-use application that provides a basic level of security in the free release. One of its most interesting features allows you to catch intruders in the literal sense. The program constantly keeps logs, and if someone tries to use your phone, the intruder will be automatically photographed with the front camera. Otherwise, this app is more oriented toward Intel devices. There is also a built-in VPN to protect traffic.
Another popular antivirus for Android is AVG. PC users have known this program for a long time: a special set of tools and a huge number of scanning parameters allowed AVG to gain recognition among both ordinary users and professionals (those same sysadmins). Now AVG antivirus is also available for Android. The interface is in Russian and understandable even to a beginner. The overall rating of the application on Google Play is 4.5 and it has more than 100 million downloads.
The functionality allows you to protect your smartphone both on the Internet and when synchronizing with a PC or transferring files from untrusted sources. Another interesting feature of this utility is irretrievable deletion of personal data. It is especially useful for those who are going to sell their gadgets and do not want the buyer to get their data along with the device.
This company’s antivirus is one of the few on the domestic list of programs that come in a commercial form. In other words, Dr.Web is installed in institutions, as is Kaspersky Lab software. Smartphones have not been ignored: there is a version for devices running Android. The main functionality of the program was carried over from the “older” version. One of the undeniable advantages of the application is its good optimization: the antivirus works even on smartphones with little RAM (up to 512 MB inclusive).
A desktop widget is provided for easier control. The trial version does not have full functionality, so if you suddenly need a spam filter or something else, you’ll have to buy a license.
A simple, functional antivirus for portable devices. The basic release has the following features:
- Traffic monitoring;
- Anti-Virus (a feature which allows you to track down your own phone);
- Real-time device protection.
Additional features include optimized work with removable media (flash cards), clearing of temporary files and optimization of device resource consumption.
A peculiar “trick” is that the system optimization procedure can be launched by shaking the smartphone (if it has an accelerometer). Full operation of the antivirus requires root. In addition, the application is not very stable on phones with less than 1 gigabyte of RAM. Download and try it!
From the overall list we can draw a clear conclusion: the undisputed leader can be considered the Kaspersky Internet Security application. The monopolist, understandably, has only one disadvantage: for full functionality you will have to pay, and do so regularly. Simpler (but no less functional) utilities require root rights for full functionality, which is also not always good, because some devices lose their warranty when rooted.
Perhaps the most unsuccessful antivirus program for Android is considered to be Avast. Dissatisfaction with the application can be seen even on forums where such discussions are not typical. Mostly, owners complain about excessive resource consumption and a very weak web filter. Apparently, not everyone manages to make an antivirus work well on both PCs and tablets or other gadgets.
So, we have figured out what mobile viruses are and where they came from. In addition, you now know a few antiviruses for Android and which one is better.