Smartphones are your on the go everything, from financial transactions to professional communications to entertainment — reasons why smartphones have become a frequent target for hackers, even more so than computers. Your smartphone could be hacked and you might not be aware of.
Security researchers are witnessing a significant shift in hackers behavior and their evolving taste in the smartphone community. Of course, at this point your smartphone has more information about you, more than you think.
At any given time your phone knows your whereabouts, who you might be talking to, all your banking app passwords, your email, your personal pictures and what not. All this data in one place makes the smartphone an Aladdin’s magic lamp for exploiters.
A research conducted by Check Point concluded that over 1 million smartphones are affected. It is speculated that hackers have gained access to more than 1.3 million Google accounts; including personal documents, photos, emails and more.
How Vulnerable is Your Smartphone
Android is the most used operating system in the world, and second largest OS in general, it requires around 12 million lines of coding to create the Android OS. This complexity gives space to bugs to get through even after multiple checking. These bugs can further be exploited to manipulate your smartphone and what data you store.
Most recently, WhatsApp discovered a critical bug that let hackers load spyware without user’s permission. A user would receive a WhatsApp call from an unknown source, and regardless of whether the user answers it or not, their phone is taken over by the exploiters. They install spyware that bypasses Google security check for all the application and turns on the phone’s camera or microphone to carry our harmful activities.
A lot of people are into customization; they’d download a third-party modded app without knowing the dangers involved. Just like any other app or official app, modded apps, too require specific permission to access camera, location, storage and others. Meaning you could be handing over your smartphone to a complete stranger and letting them access whatever they want.
Another vulnerability in smartphone comes from accessing unsecure sites. Earlier this year in February, hackers seeded unsecure websites with malware. The malware was hidden inside an image through a code that was in .PNG format. If a user chose to download the file and open it, the code would execute automatically, giving all-out access to hackers.
Andrew Blaich, a researcher for Lookout, and Eva Galperin, EFF’s cybersecurity director, together presented their findings on a malware campaign that was running on a global level targeting smartphones. According to their study, the malware had affected thousands of users in over 20 countries. The attackers target smartphone community using official look-alike apps and getting them installed. Once the app was installed, it would gain root access to the phone, giving complete control to the hackers.
Galperin says, “Getting a look into someone’s personal device is tremendously personal, it’s like getting a look into their mind.”
Missing Out on Firmware Updates
Not every smartphone receive frequent updates. If the market trends say anything, phones older than years are open to more security risks. The frightful side of Android upgrade program has left millions of smartphone open to cyber attacks. Moreover, older smartphone users tend to download the modded app way more compared to the latest smartphone. The limitation of firmware restricts new trending app to work on predated android versions. Some OEM cut support to even their latest smartphones, even after google’s wholehearted support.
Although the developer community do try to help by introducing custom ROM and firmware. That too isn’t safe as the device requires rooted access.
How Can you Stay Protected
Know Your Rights — Since the advent of GDPR, consumer rights have strengthened. Users now can request their data deletion if they don’t feel secure vendor with their personal information.
Don’t Use Third-Party Apps — It is advisable not to load apps outside the genuine source as they may contain malicious elements. You may have to adjust a bit on the customization or visual grounds, but you’ll have proper security.
Never Click Suspicious Ads or Pop Ups — no matter how tempting or click bait-ish an ad appears, refrain from clicking it. Often the popups and ads are coded with the virus that could freeze the complete system and trick users into installing a malicious app that does more damage than good.
Keep Your Firmware Up to Date — Updating the firmware or security patch isn’t something users can do by themselves, rolling update lies with the smartphone manufacturer, so as soon as there’s a notification of firmware update, do it. Same is with the apps you are using. New version brings bug fixes and bridges any vulnerability in the app, by updating, you minimize any risk.
Avoid Opening Unwanted Emails or Messages — The .PNG malware also targeted people through email. A user would receive a mail with an image attachment, and as soon as the user opens it, the code executes and takes over the smartphone.
Hard Reset — If one day you find an app in your app drawer that wasn’t there before and you have no recollection of installing such app, delete it immediately. If the app is still there a day later, establish a powerful antivirus like Malwarebytes and give your smartphone a thorough scan. If the problem persists, do the hard reset.
Use of Good VPN — There are tons of VPN out there, but not all of them provide measured anonymity. You can research a bit and download VPN with a premium plan and surf the web without having to expose your personal information.
Conclusion
Security breaches are getting worse, and smartphones are now more at risk than ever. Zurich Insurance Group and a think tank of Atlantic council reported online industry would expand the global economy by 8 %, however, the expenditure on security and managing the safe business will outweigh the benefits by a large margin.
This report shines a light on the dark side of technology eclipsing all in range. You can always take caution to stay a hands distance from danger and if you chose to download apps from the third party, do it from reputed stores.