A recently discovered Trojan for Android led Google to say it would "take steps" to ensure malware didn't end up in the Android Market in the future. Whatever steps those may be, it's highly likely there are tons of malware-laden mobile apps out there. Are there any best practices for detecting clean apps from infected ones? Is there a simple strategy we can communicate to corporate users to help them pick clean apps?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The recently discovered DroidDream Trojan wasn’t the first Trojan for Android and wasn’t the first time Google removed malware from the Android Market or from smartphones. The steps Google Android security head Rich Cannings stated the company would take to remove the malware should help minimize the impact on users. As such, it's likely Google is more effectively identifying Trojans -- or any Android malicious apps -- and removing them from their Marketplace.
One way to determine whether an app may be malicious is to check the feedback on applications from other users. However, users will still need to minimally evaluate applications when installed to see if they are granting access to too much on the local system.
Best practices for detecting secure Android apps from infected ones are still emerging, but users should use extreme care when installing applications from outside of trusted marketplaces. A simple strategy that you could communicate to enterprise users as a part of your smartphone security awareness policy would be to use trusted marketplaces only and to have users check with a third party that evaluates applications for security. The Veracode directory lists applications they have approved, and the directory is expanding across mobile applications and to other similar vendors who rate applications like NSS Labs Inc. or West Coast Labs. Enterprises could also deploy antimalware software to users' smartphones that could prevent malicious applications from getting installed. These additional security tools add processing overhead to the operations and management of the smartphone, however, you should weigh the risks and benefits.
Related Q&A from Nick Lewis
Cross-platform malware enables attackers to leverage their attacks using infected Microsoft Word docs. Expert Nick Lewis explains how the attacks ...continue reading
How was the ATMitch malware able to loot cash machines, then delete itself? Expert Nick Lewis explains how the fileless malware works and how it ...continue reading
DoubleAgent malware is a proof of concept for a zero-day vulnerability that can turn antivirus tools into attack vectors. Expert Nick Lewis explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.