Android Trojans pose a greater threat than malware to other operating systems. Taking control of the user's smartphone, he can use all the possibilities that the owner used, but to his own advantage.
First of all, the security situation of the platform is a serious concern for many Android users. In the main app-store, new applications are not thoroughly tested, the legal existence of "left" sources of applications and the ability to install software from them. All this makes Android an attractive mobile platform for writing new viruses, Trojans and other malvare for it. Moreover, the costs for an Android Market account are low, and creating a new Trojan using App Inventor is not difficult.
Despite the fact that the largest antivirus vendors have developed security programs for Android users, many Android Trojans have emerged that successfully disguise themselves as new programs, applications and utilities, as hacked versions and extensions of old applications and simply built-in programs. The number of owners of infected mobile devices is estimated at hundreds of thousands. However, from Google's perspective, the problem is more far-fetched than real. They explain their position by the following arguments:
- there are no self-replicating Trojans and viruses for Android;
- all malicious applications are isolated from each other and cannot steal classified information;
- the user can restrict the rights of each application by a set of permissions;
- Google can delete dangerous applications remotely, even without the user's knowledge.
Unfortunately, all these protections do not work at full strength or do not work at all. The lack of self-replication capability in modern Android Trojans does not mean that they will reproduce on their own in the future. The vast majority of users do not read the list of permissions for each new application. Google specialists remotely remove only known viruses and Trojans, without trying to take the initiative and try to prevent the development of criminals in the field of software development.
Meanwhile, the detected fresh versions of Android Trojans are capable of not only hiding in the system for weeks, waiting for an opportunity when the owner of a mobile device goes online. They gained the ability to work only in certain countries, and also change their code to be different from the rest of their copies. For example, the recently discovered RootSmart Trojan: does not contain suspicious code, is installed along with legitimate software, hides in the system for up to several months, then downloads a malicious add-on and gets administrator rights on the victim's mobile device.
The danger of Android Trojans lies in the fact that modern mobile devices with a similar platform acquire more and more functions. Having seized control of a smartphone, you can not only steal passwords and personal data, send SMS and call premium numbers. The smartphone can work as an eavesdropping, and even a spying device, as a means of listening to phone calls and viewing the owner's SMS correspondence, as a sensor for tracking the user's movement route. Many people manage their money in their bank account using mobile banking applications. When iPhones become ignition keys, Trojans will help car thieves. And when they become a means of access to a house, apartment and office, they will help intruders.
