Skip to main

Smartphones are an integral part of daily life: used for work, shopping, banking, browsing, and keeping in touch with friends and family. As a result, our phones contain a wealth of data — data which is valuable to criminals. Through malware — often in the form of apps — hackers can easily obtain your personal data. Read on to find out more about Android malware — what it is, how it works, and how you can detect and prevent it.

What is Android malware?

If you’re wondering, ‘Can Androids get malware?’, unfortunately the answer is yes. Android malware is malicious software that specifically targets Android devices. As with any type of malware, the intention is to harm the user’s device and steal their data.

Compared to Apple’s App Store, Google’s Play Store has less rigid security measures in place. In addition, Android users can download apps from various sources on the internet. This creates an environment in which cyber attacks are possible.

How does Android malware work?

Android malware spreads in a variety of ways, including:

Downloading malicious apps

By far the most common method hackers use to spread malware is through apps and downloads. The apps you download via official stores tend to be safe — although not always — but those which are pirated or downloaded from less legitimate sources are more likely to contain malware. Occasionally an app with malware will make it through to an official app store. These apps are usually discovered and removed quickly, but they underline the need to remain vigilant. Sometimes app developers use pirated development tools which have been compromised — which means that anything developed using these tools will contain malicious code.

Using a device with operating system vulnerabilities

Hackers can exploit any vulnerabilities within your device. Usually, security vulnerabilities are discovered fairly quickly and patched up, but if you don’t regularly update software, then your device may be vulnerable. As with your computer, it’s essential to keep your mobile device up to date, because hackers can exploit newly discovered vulnerabilities.

Opening suspicious emails

Compromised emails are another way in which hackers install malware on your phone.
For example, you may receive an email that says you have won something (a tablet, a vacation, etc). Or you may open an email which appears to be from your bank or another trusted company, asking you to update your details or log in to your account. In both scenarios, if you click on the link, you may be taken to a malicious website which downloads and installs malware on your phone. The data on your phone may then be exposed to the hacker.

Phishing via text messages or voicemails

You may receive a text message or a voicemail from what appears to be a legitimate source asking for personal information either about you or your device. Hackers use this information to steal whatever data they can, including social security numbers, credit card data, and so on. They may even be able to use it to make a targeted attack to install malware on your phone.

Using non-secure Wi-Fi/URLs

When you visit insecure websites, you run the risk of exposing sensitive data sent from your device. You’re also more vulnerable to man-in-the-middle attacks and being exposed to malware. The browser on your phone could also be a source of vulnerabilities, which could lead to web browser attacks. Make sure you have the most current version of whatever browser you use.

Impact of Android malware

Besides the irritation of constant ads, mobile malware can access your private information, such as:

  • Your banking credentials
  • Your device information
  • Your phone number or email address
  • Your contact lists

Hackers can use this information for a variety of malicious activities, such as committing identity theft using your banking credentials. For example, the Anubis banking Trojan does this by tricking users into granting it access to an Android phone’s accessibility features. In turn, this allows the malware to log every app that you launch and the text you enter, including passwords. After you grant initial permission, the malware’s activity is invisible on screen, with no sign anything malicious is taking place when you log into your accounts.

Hackers can also use malware to collect and sell your device and contact information, until you’re bombarded with robocalls, texts and more ads. They can also send links for more malware to everyone on your contacts list.

Do I have malware on my phone?

If you notice the following things happening, your phone might be infected:

  • You start seeing lots of pop-ups, inappropriate ads, or ads that interfere with page content
  • You start seeing ads on websites where you wouldn’t normally expect to see them
  • Your battery appears to drain much faster than usual
  • You see apps you don’t recognize on your phone
  • Your device slows down, crashes, or displays repeated error messages
  • You notice new or unexpected icons on your desktop or toolbars in your browser
  • Your device won’t shut down or restart
  • Your device won’t allow you to remove software
  • Your device uses a new default search engine or internet home page
  • Your browser displays new tabs or websites you didn’t open
  • Contacts say they have received emails from you, which you didn’t send yourself
A&#160^;robotic hand using a&#160^;mobile phone

How to check for malware on Android

So, how to detect malware on Android? Aside from looking out for symptoms, you can learn how to find malware on Android by following these steps:

  • Go to the Google Play Storeapp
  • Open the menu button. You can do this by tapping on the three-line icon found in the top-left corner of your screen
  • Select Play Protect
  • Tap Scan. Your device will start checking for Android malware
  • If your device identifies harmful apps, it will give you an option for removal

You don’t have to rely solely on manually scanning your Android device. You can give yourself more protection by setting up automatic scanning for your phone to ensure you are alerted any time malware invades the system. To do this, tap the gear icon in the top-right corner of the Play Protect window, and make sure both sliders are set to green.

However, removing apps you think are malicious can be tricky. Sometimes, it is sufficient to remove the app’s permissions and delete the app. Other malicious apps will give themselves administrator privileges, so they can’t be deleted without extra steps. Find out more in our guide to Android virus removal here.

How to protect your Android device from malware

Taking cyber security seriously will help reduce your risk of falling victim to Android malware. Here are some malware protection tips to help keep your Android device safe:

Only download apps from official stores

Avoid downloading apps from third-party marketplaces. That’s where hackers plant their malware-ridden apps. Apps from third-party stores are not subject to review by Google and can more easily sneak malicious software onto your phone. Google doesn’t always catch everything before it gets on your phone, as reports about malicious Android apps being removed show, but sticking to the official Google Play Store — and having a direct outlet to report problems you encounter — will maximize your safety.

Read through app permissions

Ask yourself whether they match the purpose of the app. Granting the wrong permissions can send your sensitive data to third parties. It’s also wise to read app reviews to see if other users report issues or strange experiences.

Get well-known software directly from the source

Sites offering different browsers, PDF readers, and other popular software for free are more likely to include malware. Stay away from dodgy websites and always check if the developers are legitimate. If you have never heard of them, check to see if there have been concerns about them published online.

Read each screen when you install new software

If you don’t recognize a program, or are prompted to install bundled software, decline the additional program or exit the installation process.

Be wary of free antivirus trials

Free antivirus trials could be malware in disguise that attacks your mobile device. Affordable Android security software is available from trusted vendors like Kaspersky, which will do an effective job of blocking malicious apps.

Install and update security software
Set your security software, internet browser, and operating system to update automatically. Keeping these elements up to date will ensure you benefit from the latest security patches.

Pay attention to your browser’s security warnings
Many browsers have automatic scanning functionality and warn you before you visit an infected webpage or download a malicious file. Don’t weaken your browser’s security settings. You can minimize bundled or drive by downloads if you maintain your browser’s default security settings.

Think before clicking on links in emails and text messages

Criminals send phishing emails and texts that trick you into clicking on a link or opening an attachment that could download malware. Be alert, and instead of clicking on a link in an email or text message, type the URL of a trusted site directly into your browser.

Avoid clicking on pop-ups or ads about your device’s performance

Scammers insert unwanted software into pop-up messages or ads that supposedly warn you about your device’s security or performance. In general, avoid clicking on these ads.

Scan USB drives and other external devices before using them

These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.

Lock your phone

Setting up a lock screen will increase the security of your Android device. You can do this by setting a PIN, password, or pattern, which will prevent others from easily gaining physical access to your phone. This won’t protect you from online threats, but it will keep your personal information safe if you lose or temporarily misplace your phone.

Enable encryption chip

Depending on the age of your device and its features, you may be able to enable your phone’s storage encryption. This feature is much more secure than the average lock screen feature and requires a two-step authentication password to use the device. This won’t work for everyone: older operating systems often don’t offer this feature.

Disable Bluetooth connectivity when in public

Bluetooth allows your phone to connect wirelessly with other smart electronics—and enables other people to connect to your device without your permission if it’s left on and unattended. Attackers could be anywhere, so leaving your Bluetooth on puts you and your personal information at potential risk.

Use anti-malware software

Install a reputable anti-malware app from a trusted and secure source such as Kaspersky. Every time you download a new app, run a scan to check the download was successful and did not contain any malicious code.

Related products:

Further reading:

How to detect and avoid malware on Android devices

Malware can target Android devices. Learn how to check for malware on Android & how to protect Android devices from malware.
Kaspersky Logo