It was reported yesterday that malicious apps running on Android phones has resulted in 1 million Google user accounts being hacked. Check Point Software Technologies estimates that 75% of Android phones are still vulnerable to this attack. Once the attackers take over the phone, they can then gain access to the user’s Google accounts. Often the best way to steal data from a mobile device is to simply steal data and images stored in a user’s account. That applies to all brands, not just Android.
A big problem is that security patches that protect against these kinds of breaches never reach users’ Android devices because of something known as Android fragmentation. When Google releases security patches, the patches are sent to device manufacturers, who are then responsible for releasing the patches for their different models. Some do not release the patches, or do so after a long delay.
Google is taking steps to help mitigate the problem, such as scanning phones and apps to look for Gooligan code and forcing resets of credentials to Google accounts. But so far that hasn’t been enough to protect those million users that have had their accounts hacked.
So, what can you do? Always stay up to date with the latest Android versions and patches. Choose a brand that has a track record for releasing patches every 30 days. Blackberry is one of those brands, but few people use those devices. If 30 days is too long to wait, consider using the Google Pixel line of Android phones since, because Google makes the devices, patches and upgrades should be available for download immediately upon release. Note: Brand names are mentioned to provide value to you. We do not receive any kind of compensation for mentioning brands. Another strategy is to install as few apps as possible on your device. Each app is a potential security issue and many people have installed apps that they realize are not essential, and some apps are rarely, if ever used.
Please forward this to anyone you know that uses Android devices and would like to be more secure.