All you should know about the Top 20 Deadly Viruses plaguing Indian smartphones today
Jun 22, 2016, 17:44 IST
An analysis shared by Cheetah Mobile Security Research Lab shows something very pertinent - mobile malware running rampant in India.
India is now the second largest smartphone market in terms of active unique smartphone users. According to data collected, out of all the infected devices around the world, 17.8 percent are from India, and almost 45% of the infected phones are dealing top 10 viruses (listed down below).
The lack of network security knowledge, the company says, is the main reason mobile viruses are running rampant in India. Some users in India are still not completely aware of the damage mobile virus might bring to their mobile life, while many users aren’t familiar with removing these tricky viruses from their devices.
First, here’s a look at the top 10 viruses affecting most Indian smartphone users in the first half year of 2016:
Now, we know budget Android phones are very popular in India. But what we don’t know is that some of these mobile phones have been pre-loaded with viruses even before reaching consumers.
Based on information from Pornhub, a famous porn website, India stands at third place in terms of global porn viewership as of January 2016.Back in August 2015, the government of India ordered internet service providers to block access to 857 pornography websites, although the ban was partially lifted five days later, due to criticism over authorities’ decision.
It’s no surprise that porn website is one of the most popular channel for spreading malware. Users are tricked into downloading various apps related to porn while they are browsing these websites, which greatly increases the possibility of exposing their mobile device to infecting new viruses.
In this ever-changing security landscape, some of these malware now focus on making profit via spreading deceptive advertising. Below, Cheetah Mobile Security Research Lab summarizes several typical categories of these deceptive advertising viruses. These viruses keep producing pop-ups on users’ phones, which impacts user experience severely. The viruses also consume a lot of network traffic while they download unnecessary (and even harmful) apps in the background, without users’ knowledge.
Deceptive advertising can take many forms, therefore, users are affected differently. Here are a few scenarios users might experience deceptive advertising on their mobile devices:
Turning on or charging your phone
When users turn on or start charging their phones, the virus is prompted to display full-screen advertisement. Once you click on it, the virus will start downloading unnecessary apps or even malwares to your phone.
When users install or uninstall apps, the virus will trigger pop-up ads disguised as return and close icon, so users have no choice but forced to click on the ad.
When an app is running
When user activates an app, this particular virus would pop up an ad which covers the entire interface, making it impossible to continue using the app.
Exiting an app
When user exits an app and tries to return to the home screen, the virus would then pop up an ad, tricking the user into clicking and installing an unnecessary app.
Random pop-ups or permanent ads on the notification bar
Random app recommendations on the desktop
Some users might notice icons of new apps on their desktop that they didn’t downloaded themselves. If they click on the unknown icon, it will then activate the installation automatically (and the return/close button will be hidden so users can’t terminate the installations.) In fact, the APKs have been downloaded by the virus, and the icons are aimed to trick users into installing unnecessary apps that leveraged deceptive advertising.
Random full-screen ads
Unwanted apps will be downloaded automatically after users click on these ads.
The Lab also suggests that among the top 10 viruses infecting most phones in India, five are root trojans. Once these trojans manage to get into victims’ mobile phones, they will try to root the infected devices and embed the major behavior module into the systems.
Advertisement
India is now the second largest smartphone market in terms of active unique smartphone users. According to data collected, out of all the infected devices around the world, 17.8 percent are from India, and almost 45% of the infected phones are dealing top 10 viruses (listed down below).
The lack of network security knowledge, the company says, is the main reason mobile viruses are running rampant in India. Some users in India are still not completely aware of the damage mobile virus might bring to their mobile life, while many users aren’t familiar with removing these tricky viruses from their devices.
First, here’s a look at the top 10 viruses affecting most Indian smartphone users in the first half year of 2016:
Ranking | Virus Family | Infected Device |
1 | Android.RISKWARE.Hideicon.lv | 61757 |
2 | Android.MALWARE.at_PermAd.a | 33235 |
3 | Android.MALWARE.at_Fakegupdt.f | 31879 |
4 | Android.Troj.guerrilla.mc | 30977 |
5 | Android.Troj.at_Downloader.q | 21973 |
6 | Android.Troj.Sprovider.a | 21498 |
7 | Android.RISKWARE.SmsSend.ba | 21347 |
8 | Android.Troj.tk_guerrilla.c | 20042 |
9 | Android.Troj.at_CovaDown.d | 19280 |
10 | Android.RISKWARE.at_Parse.a | 18750 |
Now, we know budget Android phones are very popular in India. But what we don’t know is that some of these mobile phones have been pre-loaded with viruses even before reaching consumers.
Based on information from Pornhub, a famous porn website, India stands at third place in terms of global porn viewership as of January 2016.Back in August 2015, the government of India ordered internet service providers to block access to 857 pornography websites, although the ban was partially lifted five days later, due to criticism over authorities’ decision.
Advertisement
It’s no surprise that porn website is one of the most popular channel for spreading malware. Users are tricked into downloading various apps related to porn while they are browsing these websites, which greatly increases the possibility of exposing their mobile device to infecting new viruses.
In this ever-changing security landscape, some of these malware now focus on making profit via spreading deceptive advertising. Below, Cheetah Mobile Security Research Lab summarizes several typical categories of these deceptive advertising viruses. These viruses keep producing pop-ups on users’ phones, which impacts user experience severely. The viruses also consume a lot of network traffic while they download unnecessary (and even harmful) apps in the background, without users’ knowledge.
Deceptive advertising can take many forms, therefore, users are affected differently. Here are a few scenarios users might experience deceptive advertising on their mobile devices:
Turning on or charging your phone
When users turn on or start charging their phones, the virus is prompted to display full-screen advertisement. Once you click on it, the virus will start downloading unnecessary apps or even malwares to your phone.
Advertisement
Installing or uninstalling appsWhen users install or uninstall apps, the virus will trigger pop-up ads disguised as return and close icon, so users have no choice but forced to click on the ad.
When an app is running
When user activates an app, this particular virus would pop up an ad which covers the entire interface, making it impossible to continue using the app.
Exiting an app
When user exits an app and tries to return to the home screen, the virus would then pop up an ad, tricking the user into clicking and installing an unnecessary app.
Random pop-ups or permanent ads on the notification bar
Advertisement
The Google search box in the following screenshot is disguised by virus for tricking users into using the fake search box, so it can recommend users installing other apps.Random app recommendations on the desktop
Some users might notice icons of new apps on their desktop that they didn’t downloaded themselves. If they click on the unknown icon, it will then activate the installation automatically (and the return/close button will be hidden so users can’t terminate the installations.) In fact, the APKs have been downloaded by the virus, and the icons are aimed to trick users into installing unnecessary apps that leveraged deceptive advertising.
Random full-screen ads
Unwanted apps will be downloaded automatically after users click on these ads.
The Lab also suggests that among the top 10 viruses infecting most phones in India, five are root trojans. Once these trojans manage to get into victims’ mobile phones, they will try to root the infected devices and embed the major behavior module into the systems.
Advertisement
Therefore, your antivirus tools must have root privilege to kill these trojans, because they typically live much longer than ordinary trojans. Root Trojans are also able to silently install other apps on users’ phones.