There’s been much controversy over mobile OS security, especially where Android is concerned. With 47 per cent of the smartphone market in Q4 of 2011, according to ABI Research, it’s no wonder that Android is getting attention.
Its openness fuels adoption by smartphone manufacturers and wireless carriers, aids in mobile innovation, and helps bring more free apps. But some, like those who develop security apps, think its openness also makes it an easier target for malware writers and cybercriminals.
Android malware growth
Depending on where you go, you’ll find varying stats on the amount of Android malware we’ve seen thus far. This is complicated by the fact that most of the information available about malware comes from security vendors, who obviously have a pony in the anti-malware race.
One thing they all agree on is that the amount of malware targeting Android has been growing. For instance, a report from Trend Micro (PDF) includes a chart that shows a large spike in the amount of total Android malware in 2011. Meanwhile, according to NQ Mobile , cases of malware increased from 4,781 cases in 2009 to 10,369 cases in 2010 and 22,600 cases in 2011. And according to Lookout, the likelihood of Americans encountering Android malware went from 1% in the beginning of 2011 to 4% by year’s end.
But the vendors don’t always agree. For example, at the end of January, Symantec announced that 13 apps in the Android Market contained malware. Other security vendors disagreed; Symantec later backtracked and said that the code it thought was malware was really from an aggressive ad network.
Meanwhile, Google has reported a 40% decrease in the number of potentially malicious downloads from the Android Market from the first to the second half of 2011. (Of course, Google is only accounting for the official Android Market, while the security vendors also scan third-party app markets and websites from around the world.)
In addition, Google recently announced an internal malware scanner called Bouncer that scans apps submitted to the Android Market. And if something does slip by Bouncer, Google can remove the Market listings for malware apps and even remotely remove them from devices.
Android malware in the wild
However, all these varying statistics and countermeasures don’t mean that there isn’t bad stuff out there.
For example, in the spring of 2011, Lookout identified a Trojan app called GGTracker that was distributed via malicious websites that mirrored the Android Market. Once downloaded it could sign the victim up to premium SMS subscription services without their permission, charging the user’s wireless carrier account. And the DroidDream Trojan, discovered in March 2011, was found in more than 50 apps in the Android Market. It could gain root access to Android, steal data and install more malicious apps.
What follows are reviews of five free anti-malware apps for Android devices: Avast Free Mobile Security, AVG Mobilation Anti-Virus Free, Lookout Mobile Security, Norton Mobile Security Lite and NQ Mobile Security. I’ve reviewed each of these apps based on what features it has available and how well the interface works. Most also offer for-pay versions that have additional functionality, which I’ve noted where it exists.
And many of them (in free and/or paid versions) don’t only scan for malware and offer preventative measures, but provide anti-theft features as well — such as alarms that can be triggered remotely (to call attention to the thief) or the ability to lock and/or wipe the device.
If you’re reluctant to use a security app, perhaps it would help if you think of it as the equivalent of chicken soup: It can’t hurt — and could possibly keep help keep away any nasty infections that may be lurking about.
How to secure your Android device
Here are some things you can do to dramatically reduce the risk of malware infections on your Android phone:
Use the official Android Market instead of third-party app stores or websites, especially now that Bouncer is used to monitor for malware. If you want to help ensure that you only install apps from Android Market, you can turn off the ability to install apps from unknown sources in by going to Settings and then to the Security menu (in Android 4.0 or later) or the Applications menu (in earlier versions of Android).
Research apps before downloading: Check the publisher and app reviews.
Pay attention to app permissions during the installation and check the market listing or developer for an explanation of any suspicious permissions.
Install an antivirus/security app.
Be wary of phishing scams and malware via the Web browser or SMS messages.
Be cautious if you root your device and keep an eye out for the Superuser prompts that are displayed when an app requests root permissions. Rooting allows you to use some powerful apps and even enhanced security functionality, but at the same time increases potential damage from infections.
To protect your Android device against local attacks — a thief or snooper — enable lock screen security (or, if you’re one of the lucky few who already have Ice Cream Sandwich, you can test out the new Face Unlock feature.)
Finally, to prevent any malicious apps from sending messages to a number that will automatically charge your account, see if your wireless carrier can block the ability to sign up for premium SMS subscriptions.
Other versions: None
The Avast Free Mobile Security app includes anti-malware and anti-theft features, along with browsing protection that prompts you if you visit a malicious website. A privacy advisor helps you identify any installed apps that use permissions which could be potentially dangerous, while an application manager lets you manage running apps.
SMS and call filtering is also included, which lets you block incoming messages and calls and outgoing calls based on times and contacts you select. The app lacks any backup functionality, but a firewall and enhanced anti-theft features are provided for rooted devices.
In addition to automatically scanning apps you install, Avast can do full scans of all your installed apps on the phone and on the SD card. You can do this manually or specify days and times to have it done automatically.
By default, Avast will appear on the notification bar and menu, showing its status and offering a shortcut to open it. The main app screen is straightforward, listing shortcuts for each feature and the settings. Though there are many more settings and preferences compared to other security apps, the developers did a fairly good job keeping the interface user-friendly.
The first time you open Avast, it prompts you to set up the anti-theft feature. A neat touch: You can define a custom name for the separate anti-theft app — ideally something inconspicuous that won’t alert thieves to its presence. Additionally, the app is password-protected, and the shortcut can be hidden from the app tray. For rooted devices, it can even store the anti-theft app and settings in a way that survives hard resets of your device.
Avast’s anti-theft functionality provides remote locating, a remote alarm with the ability to use custom audio, remote locking with a custom message (for example, “Return this smartphone to…”) and remote wiping. You can set it to automatically lock and have the siren go off if the SIM card is changed or when you mark it as lost by sending it an SMS message.
Avast can even disable access to the Android program manager and phone settings, prevent USB debugging, and force the data connection on in order to remotely back up your data.
Currently, if you want to use the remote anti-theft and remote control features, you must send SMS commands to your device. Avast provides feedback via SMS replies as well — for example, it will provide a link to a Google map after locating the device.
Avast has other useful features. You can have your phone call a given number remotely, forward SMS messages and call logs, retrieve contacts, and even pass raw data to any other app. However, in order to access these remote features you must send SMS messages from another phone; it would be much more user-friendly if there were a Web-based interface. Avast says one will be added in the first quarter of 2012.
Some of the features — such as any that require SMS — require 3G support and so won’t work on Wi-Fi-only Android tablets. Avast says better tablet support is also expected in early 2012.
Avast offers some great underlying functionality, like hiding the anti-theft component and providing enhanced uninstall protection for rooted devices. But you’ll have to wait for the Web interface for remote features, and look elsewhere for backup features.
Other versions: Anti-Virus Pro ($1.99) adds an app locker, app backup and support; Anti-Virus Pro for Tablets ($1.99) is optimized for tablets
AVG Mobilation Anti-Virus Free offers free protection for both phones and tablets against malware and browsing protection to prompt you when visiting a malicious website. It also includes SMS/text messaging protection that scans messages to ensure they’re safe; various remote tools, including device locating, alarms, locking and wiping, and scanning. There is a malware scanner that analyzes data files as well as apps, a task killer, a tune-up utility to help save battery usage and storage space, and a personal data wiper to clear cache.
An app locker that password protects individual apps and an app backup tool are also offered as a 13-day trial. The Pro version (which costs a one-time $1.99 fee) unlocks the trials and adds a spam and scam feature; there is also a version available for tablets.
Anti-Virus automatically scans apps you install and lets you run full scans on demand or automatically on a daily or weekly basis, but oddly doesn’t let you specify the days or time. It does, however, also scan for potentially insecure settings along with malicious content and media.
Though the app runs in the background, it doesn’t appear on the notification bar or menu until it detects an issue. Once you open the app, the main screen can be a bit confusing — it doesn’t contain status info or shortcuts to the main features like most other security apps do. You tap the screen to run a scan or press the device’s Menu button to access shortcuts.
AVG provides a website to use the remote functions. Though it’s possible to access it via smartphones and other small mobile devices, the site is optimized for desktop/laptop access. It allows you to initiate remote locating on a Google map, initiate an alarm and remotely lock your device with a custom message; you can also set an unlock password, wipe the device, and remotely start scanning for malware. You won’t find your phone’s number on the site, but it does detect SIM card changes and will send automated email alerts to you when a card switch is detected.
Despite a confusing user interface, AVG Mobilation Anti-Virus Free is a fairly solid security app offering all the popular features for free. If you want the premium edition (for more features or the tablet app) you can get it with just a small one-time payment.
Other versions: Lookout Mobile Security for the iPhone (free); Lookout Premium for Android ($2.99/mo. or $29.99/yr.) adds phishing protection; backup for photos and call history, data transfer to a new phone, remote wipe/lock, support
Lookout Mobile Security offers free malware protection, contacts backup, and remote locating and alarm for both phones and tablets. Upgrading to the premium account ($2.99/month or $29.99/year) adds browser protection, an app privacy manager, backup of images and call history, and remote locking and wiping.
In addition to automatically scanning apps you install and update, malware protection includes full scans of the installed apps; the SD card, however, isn’t scanned. You can set Lookout to do these full scans on a daily or weekly basis and optionally specify the day and time. The backup functionality also lets you specify when to perform daily or weekly backups of your contacts to Lookout’s servers; if you’re a premium user, you can back up your pictures and call history as well.
By default, Lookout appears on the notification bar and menu, displaying its status and offering a quick way to open it. The app’s interface is simple and straightforward. The main screen shows the status of each feature. Though you can click on the Security or Backup icons to see the most recent activity, the app doesn’t give you any thorough activity logs. To configure the app settings, you tap the Menu and Settings icons.
Lookout lets you access the status of your Lookout features and get a full activity history on its website; you can also initiate backups and restores, access the remote recovery tools (such as locating, locking and wiping), and enable or disable each feature. There’s also a mobile version of the site that offers the same features.
You can find the approximate location of your device on a Google map and see the phone number currently configured on your phone (so you will know if someone replaces your SIM card). However, the remote locking feature doesn’t provide a way to display a custom message on the device like some other security apps do.
Lookout provides a useful security app for both Android phones and tablets, along with a user-friendly website. It doesn’t offer as many features as some security apps, but what it does provide is solid. It offers remote locking and wiping, but only if you use the premium service.
Other versions: Norton Mobile Security ($29.99/yr.) adds anti-theft and anti-loss features, phishing protection, call and text blocking
Norton Mobile Security Lite provides free malware protection and remote locking. The premium service ($29.99/year) adds browser protection and call and text blocking, along with remote locating, a remote alarm, remote camera control to take snapshots and remote wiping. There is a tablet version ($29.99/yr.) coming (the date hasn’t been announced) that will support the remote anti-theft functionality for Wi-Fi-only devices as well.
In addition to performing malware scans on app downloads and updates, you can run app and SD card scans on demand or schedule scans daily, weekly or monthly. Though Norton checks for virus database updates weekly by default, it can be changed to daily (or monthly).
By default you won’t see an icon in the notification bar or menu unless the app detects a security issue, but you can enable it so you always know your security status.
Norton Mobile Security Lite has a very simple and straightforward interface. Unless you purchase the premium service, there are only two main shortcuts accessible on the main screen of the app: one for the anti-theft and another for anti-malware. But hitting the device’s Menu button gives you a few more shortcuts, such as to view the activity log or access the update or notification settings.
The remote functions for the free version can be initiated only via SMS commands. The premium service offers a plug-in for the app that in turn lets you perform remote functions on your device using a Web browser. The free version lacks any SIM card protection or remote change notifications.
The free version of this app is the most basic of the five I reviewed. Norton Mobile Security doesn’t offer as much as other free apps; you get much more if you sign up for the premium service, which comes at a recurring cost. That premium service does offer remote camera control, but most of its other features are available in other free apps.
Other versions: NQ Mobile Security Premium ($7.99/3 mos., $12.99/6 mos., $19.99/1 yr.) adds remote security features, anti-eavesdropping, financial data protection
NQ Mobile Security provides free anti-malware and browser protection, a firewall, cross-platform contact backup, and remote locating via Google Maps. It also offers a free privacy advisor that analyzes apps and their permissions, a traffic monitor that tracks data usage, and an app optimizer and manager.
SIM card change notifications are provided with the free version and can be set up to send to a specified mobile number — say, of a friend. The premium service ($7.99 for 3 months, $12.99 for 6 months or $19.99 for 1 year) adds automatic virus updates and a remote alarm, along with remote locking and wiping. It also adds a malware scanner designed to scan banking apps, and anti-eavesdropping protection to help prevent phone tapping by any malicious apps.
Although the app installs on both phones and tablets, some features such as the remote functions won’t work on tablets without SMS capability.
In addition to auto-scanning apps for malware when you download them, you can run full scans on apps manually (SD card files not included) or schedule a scan for every 7 or 15 days. Contacts can also be backed up manually (or automatically when you’re connected via Wi-Fi).
The NQ icon sits on the notification bar and menu; it displays your status and data usage, and lets you quickly open the app. Once you open the app, you’ll find a user-friendly and easy-to-navigate interface. The main screen displays your security status and shortcuts to each of the core features. Tapping the device’s Menu key lets you access the settings, logs and other shortcuts.
The remote functions can be initiated via the Web or via SMS commands. The website lets you manage backed up contacts and view your security logs and status. It also offers a calendar feature that can sync across your devices and Google/Outlook calendar. Unfortunately, though, the site’s interface isn’t optimized for mobile access.
(Note: According to the website, NQ Mobile is the international brand of NetQin Mobile, and as a result, some parts of the app, help pages, etc. may carry the NetQin branding.)
Given that the free version of this app doesn’t provide automatic virus updates or a remote alarm, locking or wiping, I would only recommend using the premium version, which comes at a recurring cost. Additionally, the premium version adds just two extra features (financial security and anti-eavesdropping) that other free apps don’t usually provide.
Though there’s certainly Android malware out there, your chances of becoming infected are still very low at the moment — but they’re even slimmer if you install an anti-malware app.
Incidentally, since failing batteries are the bane of many smartphone users, you might be wondering about the resource consumption of these security apps. During testing, all five of the apps consumed about the same amount of RAM on average when idle: 9.5MB to 11.5MB. And if you’re concerned about how much space the app will take up, AVG had the lowest (0.71MB), followed by Avast and Lookout (both 1.81MB), Norton (3.83MB) and NQ (4.73MB).
If you’re looking for a free security app, most of these have something to offer. AVG has a lot of features and an unbeatable price if you want to upgrade, but the app could use a facelift. Lookout doesn’t offer as many features, but provides solid functionality and service.
NQ includes cross-platform backup support, but lacks free automatic virus updates, and while it provides free device locating, there’s no alarm, which most of the others offer. Norton is the most basic free security app of the five, allowing only free remote locking in addition to its anti-malware features.
I was most impressed with Avast Mobile Security. Though it doesn’t offer a Web interface or full tablet support, the free app includes some very useful features not found elsewhere, such as better uninstall protection, and is a must-have for rooted devices.