Do you have malware on your phone? Unless you’ve rooted or jailbroken your device, the answer is probably no. Smartphone viruses are real, but app stores do a pretty good job of filtering them out.
Of course, no process is perfect. Stuff has gotten through, which we’ll get to.
But assuming you stick to your phone’s official software store – the App Store for iOS and Google Play on Android – the odds of infection are extremely low, thanks to approval processes on both platforms. Let’s talk about how these systems work, what kinds of malware have gotten through, and how you can protect yourself.
How Do The Filters Work?
As of spring 2015, both major mobile platforms review software before adding it to their app stores. For one platform, this is a recent change.
Google’s Android Market (now Google Play) was once famously open, meaning apps of all sorts were put into the store without a lot of oversight. Problems like malware were caught by users – Google would take down apps when problems were reported. A software malware filter was eventually added, which scanned all submissions for known infections.
Sometime in late 2014 Google went even further, employing someone to look over every app.
Human reviewers (not kittens) manually review every app that goes into the store. Google’s approval for apps tends to be fast – usually a couple of hours, sometimes a few days.
Apple’s not so speedy – apps sometimes take a week to get through the App Store approval process. Human reviewers have gone through every app since the Store launched, meaning developers have to wait a long time after submitting their app before it shows up in the store. Software with malware is usually rejected (along with a lot of other apps).
Say what you will about how long this process takes – and many have said plenty – but the result is that very few of the millions of apps in the App Store have ever featured malware.
Both systems mean that the software you install using the official stores on your phone was reviewed by some combination of software malware filters and human reviewers. The odds of something nasty getting through all that are low, but not zero: some things have gotten through on both platforms.
Examples of Malware Getting Through
Contrary to popular belief, iPhones can get malware, mostly if they’re jailbroken. But it’s been proven, in theory, that malware could slip through Apple’s famously strict filtering process. A research team at Georgia Tech managed to sneak some malware into an app, and Apple’s process did not catch it. Being researchers, they pulled the app themselves – a courtesy actual scammers probably wouldn’t bother with.
Actual adware has gotten through Google Play’s process. Earlier this year Durak, a fairly popular card game, was found to include malware. It would stay dormant for a while – likely the reason it wasn’t caught – before showing popup ads for third-party app stores. (Presumably, if you installed these third-party app stores, you’d end up with even more problems.)
Google has since removed Durak from Play, but it’s possible similar apps could slip through in the future. If you’re suspicious, follow our steps to find out if your Android device has malware.
Don’t Panic, But Stay Vigilant
It’s worth noting that, in both these cases, the apps were eventually found and removed from their respective stores. In this way, users serve as a second approval process: discovering and reporting malware, which gives Apple and Google a chance to remove the offending apps.
This means that, if you want to avoid such malware, the following steps will go a long way:
- Stick to software found in the official app stores: Google Play on Android and the App Store on iOS.
- Avoid apps with very few reviews, or that were added to the app store only recently, unless you really trust the company that makes them.
- Google any app you’re not sure about to find third-party reviews from sites you trust.
Malware Outside App Stores
While official app store infections are possible, they shouldn’t be the main concern for mobile users. Most Android malware, for example, comes from third-party app stores (i.e., not Google Play) or pirated software from shady sites (read this before downloading cracked Android apps).
But malware doesn’t have to come from apps at all. WireLurker, for example, infects iOS devices via OS X, over USB – and it works regardless of whether your iOS device is jailbroken. To quote Palo Alto Networks, a security firm:
“WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken.”
So, part of keeping your mobile devices free from infection is keeping your desktop devices clean – and even Mac users need to be vigilant. Here’s how to tell if your Mac has malware.
I’m not a big fan of the walled-garden approach to application distribution, but I have to admit: malware is a pretty strong argument for this approach. But I’m sure you all have opinions, so let me know what you think in the comments below (even if it’s that I’m a horrible wrong person, who is wrong).