As part of National Cybersecurity Awareness Month, we want to make sure you understand the various threats attacking your mobile device. This article will focus on malware – how to tell if your phone is infected and what to do next.

What is malware?

Short for ‘malicious software’, malware is software designed to cause damage to a computer, server or network. Malware is often referred to as a virus or infection and can come in many forms including the following types:

  • Adware – designed to show frequent ads to a user in the form of pop-ups, sometimes redirecting you to web pages or applications
  • Banker Malware – attempts to steal users’ bank credentials without their knowledge
  • Ransomware – demands money from you in exchange for the files or the functionality of the devices being ‘held hostage’
  • Rooting – ‘roots’ the device, essentially unlocking the operating system and obtaining escalated privileges
  • SMS Malware – manipulates devices to send and intercept text messages resulting in SMS charges without you knowing
  • Spyware – monitors and records information about your activity on your device without your knowledge or permission
  • Trojan Malware – hides itself within a piece of seemingly innocent software

Diagram of mobile malware

Read more: Calling All Threat Hunters – Mobile Malware To Look Out For in 2021

What are the symptoms?

A few signs you’ve got mobile malware and your device has been compromised include:

  • Battery draining faster
  • Pop up ads
  • Unexplained apps
  • A surge in data consumption
  • Unexplained charges
  • Reduced performance

What are the causes?

Cybercriminals looking to have a greater return focus their efforts on organizations and use a variety of tactics to infect the maximum number of corporate devices. Here are a few ways mobile malware can get to your device.

  • Infected applications – Hackers infect known applications or create their own and are usually downloaded from third-party app stores
  • Malvertising – Online advertisements are infected with malware, distributed by ad networks and appear silently on legitimate sites
  • Scams – Rely on the user being redirected to a malicious web page after clicking on malicious email, text message or pop-up screen
  • Direct to device – Requires direct access to the device to download or sideload malware

What’s the treatment if you’ve got mobile malware?

So you’ve got a malware infection, what now?
Reset or restore your device following these steps for iOS

  1. Use iCloud to back up the data on your device
  2. Go to Settings > General > Reset
  3. Click “erase all content and settings” to clear all apps and data
  4. Restart your iOS device and set it up again.
  5. Sign in to iCloud when you set up your iOS device and restore your backed-up data.
  6. Re-download your apps again from the App Store

For Android, malware apps with tamper with the device’s administrator settings to give itself core app permissions so it can’t be uninstalled the normal way.

  1. Go to Settings >> Security >> Device administrators
  2. Find the suspicious app
  3. Uncheck the box
  4. Choose “Deactivate”
  5. Select OK
  6. Return to Apps or Application Manager to uninstall

Scan your device for viruses – clicking malicious links can instigate silent downloads of malware that go to work corrupting devices without your knowledge.
Watch out for warnings of identity theft and put a fraud alert on your credit account.

Mobile malware prevention

The best remedy is prevention. Stay safe from malware by following this guidance:

  • Don’t download apps from third-party app stores
  • Read the reviews before downloading apps
  • Uncheck the “Install from Unknown Sources” option on Android
  • Install OS updates as soon as they are available to ensure important security patches are in place
  • Check app permissions before installing an app in case it is asking to access something it doesn’t need to, like camera access for a calendar app for example

No matter how hard you try to educate yourself and your team, it’s inevitable that some attempts will slip through the net. To stay ahead of the attacker it’s imperative to have a security solution in place which is able to intercept traffic to phishing sites, stopping the threat at its source.