How Does Malware In Android Applications Work?

Tagged: , , , , , , , ,

How does malware in smartphone applications work?

With the news that yet another malware infected application has hit the Android marketplace, we ask what the hell does a malware infected app look like and what are developers hoping to achieve by letting unwitting smartphone owners install such applications?

So how do you get a nasty app on your phone in the first place?

Most of the time users will be downloading a “repackaged” application. One that looks like another legitimate app but simply masquerades convincingly as this while actually being a nasty bit of stuff. This graphic shows the most recent repackaged apps that have plagued and infected the android marketplace and mobile devices of late:

Mobile Fake Apps
Mobile Fake Apps

The prize most malware developers are aiming for:

As with most blood sweat and tears, the reasons for the effort in the first place is usually monetary gain, but how can you monetize an infected app?

Simple, with the help of graphics from a mobile security firm called Lookout who specialise in stopping malware, viruses and loss and theft related to smartphones and mobile devices.

android malware process
Malware process

Here are the top methods explained:


Simply put this is where an application offers seemingly legitimate in app advertising to cover its free cost, but in reality clicking that link will cause the application to infect your device….they are not necessarily free apps though.

This graphic shows how this would work on a mobile device.



Spyware is designed to use or collect data without a user’s knowledge or approval. This may include targeting a users call history, location, their browsing history, text messages etc and will be other targeted at an organization or individual(s) or non-targeted in a scatter gun approach where the developer of the spyware hopes for as much information as possible from a large set of people.

Not all spyware is bad, some parents use it to track their children to make sure they are safe based on location spyware.

In the event of nasty spyware, the developer may be selling the data obtained or be doing it for an unscrupulous business or person, or like in many hacker cases, simply making a point and exposing security flaws (often in search of a job!)


This is essentially software designed to engage in nasty behaviour on an infected mobile device.

Ways in which malware can manifest itself include: Remote control of a device, sending unsolicited texts and racking up huge bulls unknown to the owner are some of the ways that malware can be an issue if it finds itself on your mobile device.

Malware can also be used to steal sensitive information such as personal details that could lead to identify fraud or financial loss.

Privacy Threats

These could be within applications that you agree to legal contracts with but do put your privacy under threat when location based services are taken into account. These may not be illegal at all.

How to stay malware safe on your mobile device:


  • Only download apps that are trusted and have some history of trust associated with them, (its easy to set a site up with fake reviews) but less likely if their are multiple reviews form trusted sites.
  • Set passwords for your devices.
  • Check links go to where you expect and report or abort ones that do not.
  • Keep firmware updated.
  • Do not trust the Android marketplace as most of the recent nasty apps that have been found have been downloadable from here.
  • Be wary of Jailbreaking your iPhone which can leave your generally safe Apple device open to malware and infected applications, or in Android world allowing “sideloading” on your Android device, where you can download apps from other markets, though why we are telling you this in the Android case is unclear when their own marketplace is riddled continually with malware!


Estimated mobile malware infection rates globally in 2011:

Estimated mobile malware infection rates globally
Estimated mobile malware infection rates globally

As you can see from the graphic above the rise of malware is starting to really present issues in such a new marketplace, I wonder if things need to be done quick in the Android case in order to stop fear and doubt spreading quickly?

Anthony Munns