Android Security

How to Avoid Downloading Trojans to Your Android Device

Christian Cawley 29-08-2016

We’ve seen on repeated occasions over the past few years that Android is vulnerable to a host of hacking techniques that would previously only have been possible on desktop PCs running Windows.


Most of these vulnerabilities come via the app store, Google Play, and with the news in August 2016 that over 100 apps are carrying the same Trojan horse payload, it’s time to take a look at how you can avoid accidentally downloading such malware to your own device.

The Trojan That Spies

Trojan horse malware, by definition, offers a hidden and inconspicuous avenue for hackers to gain access to your data, system, or both. Typically they offer some kind of backdoor to everything.

In the case of the Android.Spy.277.origin Trojan, installation of an infected app results in the Trojan stealing “…confidential information and delivers advertisements. It is distributed via bogus versions of popular Android applications on the Google Play store.”

Not something you would want to happen to you.


A grand total of 104 apps were affected, and the Trojan is believed to have been downloaded by at least 3.2 million users. Once installed, 30 unique pieces of identifiable data are collected by the Trojan — including your device IMEI — which are then forwarded to a server that’s under the control of the attacker.

If you were victim to such an attack, it wouldn’t take long for that information to be used against you, resulting in empty bank accounts, maxed out credit cards, or worse.

Burn Down the Trojans

In the past we’ve had Trojans for Android that were linked to the online porn industry How Android Porn Malware Steals Your Data Malicious porn clicker Trojans are masquerading as duplicate apps, waiting to infect your Android device. How prevalent are they? What happens if you download one, and most importantly, how can you avoid them? Read More  and other seedy attempts to divert the attention of potential targets. We’re now at a stage where it’s clear that security software is a necessity for Android as it is for Windows.

But is there anything else you can do?



In other words, how can you avoid installing Trojans onto your Android device? It’s difficult, but by changing your habits when installing apps on the Android Play Store, you can reduce your likelihood of installing a Trojan, or any other Android malware.

Stick to Well-Known Apps & Respected Developers

When you’re browsing Google Play for apps, you need to take the time to check the name of the developer. You’ll find this just below the name of the app, and in many cases you’ll find a link to their website. Also, look for other apps from the same developer.



Tens of thousands (if not more) of said developers provide apps for Android devices, but only a very small portion of these are recognizable names. You’ll need to spend a bit of time looking at the other apps they’ve released and even take a few moments Googling for potential horror stories.

If you’ve failed to turn anything up after five minutes or so of searching, you can be pretty confident that this is a reputable developer (or at the very least isn’t a disreputable developer). That doesn’t mean you should stop there, however…

Read the App Reviews

Every app and game on Google Play has reviews. So if you read the reviews, you’ll get an idea as to whether the software — and by extension, the developer — is trustworthy or not.



Look for bad comments, and also replies to see how the developer responds to complaints. Do they do so in a competent, friendly manner? Do comments suggest that something is amiss, that the app or game is behaving in a way that suggests suspicious activity?

Spending a few moments to find out more about who you’re doing business with is always wise.

Check and Understand the Permissions

When you install software on your Android phone or tablet, you’re always advised of the permissions that the app or game will require. When these don’t square with the purpose of the app, you’ve possibly hit upon a potential for misuse.

If you’ve already read the reviews and checked out the developer’s reputation and found something amiss, then you shouldn’t have reached this stage. But if you suddenly find that a calculator app requests network access, then that should be a red flag.


So check the permissions, understand what is being requested, and if it doesn’t meet with your expectations for the app, don’t install. You’ll find a list of Permission Details via a link at the bottom of the app’s Google Play listing.

Avoid Third-Party App Stores

If you’re using a Kindle Fire tablet, you use the Amazon App Store How To Install & Use The Amazon Appstore To Get Awesome Free Apps! [Android] How many apps do you currently use on a daily basis? The phenomenon of mobile apps has truly changed the way we operate when it comes to customization of our devices. Years ago, you would... Read More . If you’re using an iPhone or iPad, you get your apps and games from the App Store. Similarly, with standard Android devices, you should use Google Play.

Official app stores like these are relatively safe because they have systems for weeding out the malware-ridden apps Are App Stores Really Safe? How Smartphone Malware Is Filtered Out Unless you've rooted or jailbroken, you probably don't have malware on your phone. Smartphone viruses are real, but app stores do a good job of filtering them out. How do they do this? Read More , but it can take time.


While it is possible to install apps from third-party app stores (using the Unknown Sources security setting), it’s rarely a good idea. First of all, everything you need is available in Google Play. If you’re looking for an app that is not available from Play, then there’s likely a very good reason for that.

So the rule here is to only install apps from the app store that comes with your mobile OS. Used in conjunction with the above concepts, you should find it easy to avoid Trojans and other malware on your Android device.

Block Malware with Security Software

Even if you’re up to speed with the risks from malicious software on Android, there is another thing that you can do, and that is install security software on your device. Antivirus and firewall tools are available Android phones and tablets (and other devices, like set-top boxes) and are well worth your time.

Our guide to Android security apps 6 Android Security Apps You Should Install Today Android security apps - capable of blocking malware and phishing attempts - are necessary if you wish to run a safe and secure smartphone. Let's look at some of the best Android security apps currently... Read More provides you with a good choice, and these will block malware, scan apps, and more.

The mobile app market is now wholly confirmed as a target for hackers and online scammers. There’s no reason why you shouldn’t already be running security software, but this should be used in conjunction with the other suggestions, not as a single alternative.

Have you been struck by Android malware? Tell us about what happened to you in the comments below.

Image Credit: Giovanni Domenico Tiepolo via Wikimedia Commons

Related topics: Antivirus, Malware, Online Security, Smartphone Security, Trojan Horse.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Jeff Linse
    September 6, 2016 at 7:10 pm

    It makes my battery drain it's power faster then normal. I have to charge the battery like 2 times a day. Before I would charge the battery once every two days. My phone Is a Samsung G6 Edge Plus. Is there any way to get rid of it. Got to from a porn sight.
    Thank you, Jeff

  2. Robert Christopulos
    September 5, 2016 at 2:50 pm

    Certainly going somewhere where the ethics and more so of those running the site are questionable and suspicious are automatically red flags (porn sites, etcetera). My advice-STAY AWAY FROM THEM!

    I think we need to recognize, however, that there are powerful, and marvelous creative tools that will not make their way to the Google Play Store because the creators wish to maintain strict control over the software. What I mean by this is that you might be able to buy an initial version from the App Store, but from there you need to buy a specially licensed version directly from the designers. A good example of this is the free version of My Sword. After acquiring this from the store (this is very good software), you'll find out that to acquire the better, professional versions of the software,a donation needs to be made to continue development of this fine tool. After making the donation, the pro or deluxe version of the software is downloaded and activated. P sadly I find that the Deluxe version will make any serious student of The Bible drool with envy!

    Get yourself a good password protector. One of the best is Roboform. You can download it from the Google App Store, but to really protect all those precious passwords and even to create them, you will need to purchase a license.

    I absolutely recommend DU Speed Booster for all of its amazing qualities that help you clean, speed up, and clobber viruses on your device. Also, Clean Master is very much like it. The only problem with these softwares are all the ads. I wish an ad free version was available.