Recuperate Your Infected Android Device Now
If you have an Android device then this article is for you. At times, you may have suspected that your Android device could have malware. An obvious sign of infection would be the device screen getting locked with a ransomware demand, or data getting encrypted and a ransom being demanded for the decryption key. As stated, these are obvious indications, but there are less obvious symptoms, including sudden slowdown, high data consumption disproportionate to your usage, slow response, device freezing, Wi-Fi activating and connecting on its own, data getting corrupted, unwanted pop-ups, etc. The culprit could be an infected app containing Android malware. Some apps ask for many unnecessary permissions, which can cause issues.
There are more than 3 million apps on the Google Play Store including thousands of games, free software, useful applications, tools, etc. Cyber criminals embed Android malware in applications that do not raise any suspicion. These applications look useful and you may download them unsuspectingly, resulting in your device getting infected.
There are quite a few infected apps, and it is in the best interests of Android users to protect themselves. If your device is infected you should assess the level of infection. If you are still able to use the device, you can rule out ransomware. Let’s list the troubleshooting/mitigation measures that we need to follow.
- Switch off your Android Device
This is the first option, as it helps control many processes. Shutting down the device helps stop any data exfiltration activity. Most malicious apps seem to steal and send the contact list, followed by text messages, photos, etc. If the Android malware had been a keylogger, it would have captured and sent the login credentials of your social accounts, mail accounts, bank accounts, etc. Further, the malware could be contacting a command-and-control server to download more malware.
Shutting down gives you time to assess the situation. You must attempt to identify the Android malware. If you have synchronized the data on your Android device to a cloud location (or taken a backup), check whether that data is safe, and also take a backup of the synchronized data (just in case).
- Delete/Uninstall the App
If you have been able to identify the malicious app, switch on your phone, immediately disable outgoing internet/Wi-Fi/Bluetooth connectivity, then go to Settings -> Apps and uninstall the app along with its data. If you are unable to uninstall it, at least Force Stop the app. You could attempt this troubleshooting step in Android Safe Mode, which disables all third-party apps and makes removal easier.
- Review App List
Check all your other apps and remove or disable whatever is unnecessary. Don’t worry, apps can be reinstalled whenever necessary.
- Robust Endpoint Security
To combat Android Malware there are specific antivirus/antimalware solutions. Choose a robust solution that is able to thwart zero-day exploit attacks and advanced persistent threats.
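For the "Review App List" step, the following added example (not part of the original article) ranks apps by what they can read and send. It parses a constructed, simplified excerpt modeled on `adb shell dumpsys package` output and flags apps that hold network access plus permissions over at least two of the data types named above (contacts, text messages, photos). The package names, the threshold and the simplified layout are assumptions.

```python
import re
# Permissions guarding the data the article says is stolen first (contacts, texts, photos).
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.READ_SMS": "text messages",
    "android.permission.READ_EXTERNAL_STORAGE": "photos/files",
    "android.permission.READ_MEDIA_IMAGES": "photos/files",
}
NETWORK = "android.permission.INTERNET"

# Constructed sample: hypothetical packages, layout simplified from dumpsys output.
SAMPLE = """\
Package [com.example.flashlight] (a1b2c3):
  install permissions:
    android.permission.INTERNET: granted=true
  runtime permissions:
    android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]
    android.permission.READ_SMS: granted=true, flags=[ USER_SET ]
    android.permission.READ_MEDIA_IMAGES: granted=false, flags=[ USER_SET ]
Package [com.example.notes] (d4e5f6):
  install permissions:
    android.permission.INTERNET: granted=true
  runtime permissions:
    android.permission.READ_EXTERNAL_STORAGE: granted=true, flags=[ USER_SET ]
"""

PKG_RE = re.compile(r"^\s*Package \[([\w.]+)\]")
PERM_RE = re.compile(r"^\s+([\w.]+): granted=(true|false)")

def granted_permissions(dump):
    """Map each package name to the set of permissions it currently holds."""
    result, current = {}, None
    for line in dump.splitlines():
        pkg, perm = PKG_RE.match(line), PERM_RE.match(line)
        if pkg:
            current = result.setdefault(pkg.group(1), set())
        elif perm and current is not None and perm.group(2) == "true":
            current.add(perm.group(1))
    return result

def review(dump, threshold=2):
    """Return {package: data categories} for networked apps to inspect first."""
    flagged = {}
    for pkg, perms in granted_permissions(dump).items():
        cats = sorted({SENSITIVE[p] for p in perms if p in SENSITIVE})
        if NETWORK in perms and len(cats) >= threshold:
            flagged[pkg] = cats
    return flagged

print(review(SAMPLE))
```

A flagged app is not proof of malware; it is a candidate to check against what the app is supposed to do before uninstalling or disabling it.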
Kevin Jones
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.