DroidDream: Securing your Android phone against malware
So we decided to put our advice into action in the NetSafe office after this morning’s post on the discovery of DroidDream.
My colleague John willingly checked out his Motorola Droid’s firmware and discovered he was running 2.1 (Eclair) and (worringly) unable to upgrade.
Next up he installed AVG’s free anti-virus for Android app (there are others available also we should note) and discovered to his surprise that the scan picked up one of his fun wallpaper apps as malware.
John ‘fixed’ that issue by uninstalling the app concerned – the Jackeey Wallpaper app it turns out was identified as a risk back in July last year but Google later lifted the Market ban stating to the developer:
“Our investigation has concluded that there is no obvious malicious code in your apps, though the implementation accesses data that it doesn’t need to.”
Once that app was uninstalled he moved on to OS insecure settings flagged by AVG and turned off the ability to install apps from outside the Market.
A quick rescan and the phone is now considered secure and can be set up to re-scan automatically just as your desktop PC would.
There’s a 3 minute video below of the process if you want to follow along. Please leave a comment if you find similar issues on your Android powered phone:
Update: For the alternative take on ‘the semiannual Android malware freakout show’ read JR Raphael’s opinion on the latest smartphone virus reports:
I’ve said it before, and I’ll say it again: Threats are everywhere. The answer isn’t locking down the world; it’s taking basic precautions.