With the introduction of the industry-first technology named App Anomaly Detection into Bitdefender’s Mobile Security for Android solution, users gain a new layer of protection from malware that has never even been seen before.
Attackers continuously work to develop new ways to compromise Android phones and tablets via official stores, third-party websites or manual installation. Of course, tricking people into downloading and installing malware of their own volition is a widely used attack method.
The addition of App Anomaly Detection aims to cover scenarios in which, for some reason, the malware is actually installed and tries to run on a device. The reasons why this could happen are much more complex than most people realize.
A security solution that promises to stop everything at the gate is not enough. Security needs to be active after any app has been installed, which is a very important aspect when it comes to protecting the Android platform.
There’s no reason to imagine the path of an attack when we can see one in action and witness how the security solution deals with the threat. But until then, we have to understand how a device can become compromised.
One of the biggest security problems is the actual user. And since we get our telemetry from consumers who install Bitdefender Mobile Security, we can also tell when someone tries to do their worst by working against the security solution. Some people ignore repeated warnings not to install a malicious app, dismiss the results of scans, and even go as far as to disable the security solution so they can actually deploy dangerous apps criminals use in attacks.
Official app stores are usually safe sources of applications, but our previous research has shown that’s not always true. Some apps slip past the gates and end up on people’s devices, even when they believe they got a legitimate app. Sometimes, attackers are only interested in serving annoying ads over other apps, but it’s also possible to get malware droppers from time to time. This is one reason Google and other companies often remove apps from the official stores.
A user may also download a perfectly legitimate app from an official store, only to fall victim when a later update turns that application malicious.
We also cannot discount third-party download sources. One of Android’s strengths is the user’s ability to install apps without the use of official stores. It’s also one of the most significant security liabilities because many third-party Android app sources are teeming with malware ready to be voluntarily installed by people.
This is where the reality check comes in. It’s always possible that a new malware makes its way onto a device, whether from an official store, a third-party source, or a malicious campaign. It might pass initial inspection or the user could force its installation. Whatever the case, the user must remain protected even after installation. A security solution’s job is never over.
Let’s take the example of Xenomorph, a highly advanced type of Android malware that first appeared in the Google Play Store. It’s a banking trojan continuously under development with two goals: bypassing scans and adding new functionality. As it stands, it’s likely one of the most advanced active types of malware.
Here’s one way a user might become infected with this malware, even if the device is already running Bitdefender Mobile Security. It involves the user doing something they shouldn’t: manually granting the malware access.
Of course, the malware may look legitimate, but one of its actions is to display a transparent window ready to capture the user’s input. And because it needs to perform this action to steal information, the App Anomaly Detection is ready to intercept the malware. It doesn’t matter whether it’s a new version or the user forced the installation; the technology will detect it and inform the consumer.
Of course, this is not the only scenario in which the technology is activated, but it shows just how insidious some malware can be and how Bitdefender works to keep people safe, no matter the platform.
The new App Anomaly Detection is now available for all Bitdefender Mobile Security for Android users at no extra cost.