Apps are the programs or software on mobile devices, and the way they are purchased or downloaded differs significantly from that of software on desktops and laptops. Specifically, programs on laptops are downloaded from the websites of the software creators. In contrast, since the advent of smartphones, apps are downloaded from dedicated app stores belonging to one of three mobile ecosystems: Apple, Google and Windows.
The largest of the app stores is perhaps the Google Play Store, with the Apple App Store a close second. The popular media have described apps from the official Google Play Store as safe because Google performs preliminary malware checks on them. However, this may not be true, because Google does not have the resources needed to check every single app on the Google Play Store for erroneous coding, embedded malware, ransomware and so on. Hence, the Google Play Store cannot be viewed as a safe locale in which all apps can be explored without repercussions for personal privacy and device security.
More importantly, because Android is designed around a permissions system that apportions specific device functions to particular apps, there is a high possibility that individual apps could gain total control of a device without the owner realizing it. This could very likely happen where the content or functionality of the app outweighs the potential risks associated with its use. One popular way in which malware and ransomware reach a user’s mobile device is via games, movies or file sharing apps with embedded malware.
Another avenue through which hackers seek to control mobile devices is more insidious. In this case, hackers are not interested in the user’s files, photos, locations, contacts or documents; rather, they seek to control a critical number of devices and cluster them into a botnet that can later be used to launch distributed denial of service attacks, for example, on telecommunication companies’ servers and mobile base stations.
Viewed in closer detail, the architecture of Android makes it extremely vulnerable to control by apps with embedded malware. Specifically, such an app could masquerade as a legitimate app with a useful function, such as the provision and easy retrieval of news content from particular news agencies; however, it could be coded in a way that takes full advantage of the inherent design weakness of Android to gain almost complete control of the device, from the rear and front cameras to the microphone and speaker and, finally, all communication ports such as WiFi, Bluetooth and 3G/4G. Naturally, complete control of a device by malware means that the user’s data and privacy are lost.
But why is Android so vulnerable to malware attack, and could a good antivirus app thwart an attack that gives the hacker complete control of the device? The answer is that Android provides different apps with individual parallel paths to access different parts and functions of the operating system, application layer and communication ports. Thus, depending on their design, specific apps could gain access to different functions of the operating system and device with ease and, most importantly, in an unregulated fashion. Can app design and safety be regulated by the companies managing each app store? The answer is that this is not possible from the resource perspective. Put another way, app and software safety rests on the vigilance of individuals, as well as on experts’ reviews in computer magazines and the recommendations of reputable websites.
Hence, the specific architecture of Android opens up a key design flaw that allows a malware-infected app to take partial, critical or complete control of a device, which makes the selection of apps crucially important to maintaining device security from the privacy perspective. By providing any app with unregulated access to critical functions and communication ports of Android devices, the Android operating system is vulnerable to embedded viruses and malware, even from apps in the official Google Play Store, since specific code modules in an app could take control of desired functions and ports in the device.
How should one protect oneself from such attacks? The most important step is to purchase a good antivirus app from the Google Play Store. Secondly, one should only use apps developed by reputable computer companies such as Microsoft, Google etc. But doing the above is still not foolproof for ensuring device safety and security, given the inability of even the best antivirus solution to protect against malware-infected apps that take advantage of loopholes in Android to enter the operating system. In future, antivirus solutions for mobile devices may need constant updates to their virus definitions in order to protect critical vulnerabilities in older versions of Android whose operating system loopholes are not patched by system updates from the manufacturer. An unpatched Android operating system remains the most critical vulnerability in the mobile device ecospace as computer programmers and system designers think about device security and, by extension, mobile computing safety from the information protection perspective.
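The news-app scenario described above can be checked from an app's declared permissions. The following is an added example, not part of the original post: it reads a decoded AndroidManifest.xml and flags requested permissions that fall outside an assumed baseline for the app's stated purpose. The sample manifest, the `EXPECTED` baseline and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names mapped to the device functions the post lists.
SENSITIVE = {
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.BLUETOOTH_CONNECT": "bluetooth",
    "android.permission.CHANGE_WIFI_STATE": "wifi",
}

# Assumed baseline (editor's assumption): what a news reader plausibly needs.
EXPECTED = {"news": {"android.permission.INTERNET",
                     "android.permission.ACCESS_NETWORK_STATE"}}

# Constructed sample: a "news" app that also asks for camera, mic and more.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.newsreader">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.BLUETOOTH_CONNECT"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_CONTACTS"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a text manifest."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for element in root.iter(tag):
            name = element.get(ANDROID_NS + "name")
            if name:
                names.add(name.strip())
    return names

def audit(manifest_xml, category):
    """List (permission, device function) pairs beyond the category baseline."""
    excess = requested_permissions(manifest_xml) - EXPECTED[category]
    return sorted((p, SENSITIVE[p]) for p in excess if p in SENSITIVE)

if __name__ == "__main__":
    for permission, function in audit(SAMPLE, "news"):
        print(f"unexpected for a news app: {permission} ({function})")
```

The manifest inside an APK is stored as binary XML, so it must be decoded to text before this check can read it.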
Category: computer security
Tags: exploits, Android, malware, Google Play Store, sandbox, communication ports, Windows Store, Apple App Store
Acknowledgement: Ng Wenfa thanks Seah Kwi Shan for co-authoring this blog post.