Top SA Android malware revealed

Cape Town - A security company has revealed the most common malware targeting Android devices in South Africa.

According to a survey by security firm Kaspersky Lab, the top malware targeting local Android smartphones is RiskTool.

The malware is symptomatic of an increase in attacks in particularly in Europe and Africa as cyber crooks turn their attention to the number of new users coming online via smartphones.

Kaspersky conceded that in the past, Android users were fairly safe regarding cyber attacks, but criminals have realised that a combination of tricks can be used to gain access to a mobile device.

"However, the situation has changed dramatically over the last year - and not for the better", said Roman Unuchek, senior virus analyst at Kaspersky Lab.

Spam apps

RiskTool is able to hide on a device and start or terminate programs. This is dangerous for an Android user in that if a credit card, for example, is linked to the device, criminals could potentially steal money from a victim.

Following RiskTool in SA, Nigeria and Kenya is Trojan-SMS, and AdWare. The former is able to send premium rate SMSes without a user's knowledge or consent, while the latter Trojan is able to download malicious content on to a mobile device.

Google has made a practice of removing suspicious or spam apps from the Play Store in an effort to build trust in the platform.

"Don't transmit viruses, worms, defects, Trojan horses, malware, or any other items of a destructive nature. We don't allow content that harms or interferes with the operation of the networks, servers, or other infrastructure of Google, carriers, or any third-parties. Spam, malicious scripts and password phishing scams are also prohibited on Google Play," Google says in Business and Program Policies document.

However, despite this, criminals will usually use alternate methods of infecting Android smartphones with apps.

The most common delivery method is via spam e-mail with an attachment that discreetly installs malware on the target device.

There are also reports of instant message platforms being used to spread malware via a link that purports to install an extension.

Users should carefully check their Android devices for suspicious apps running in the background of their devices. Do this by going to Settings →  Apps →  Running.

Beyond antivirus applications, you can also download apps like AdNetwork Detector which checks for ad networks on particular applications and All-in-One Toolbox which can conduct detailed testing of an Android smartphone.

David Jacoby from Kaspersky Lab gives some tips to avoid malware in our YouTube video:

- Follow Duncan on Twitter