How can we make sure an app from unknown source is safe? - Security Discussion

When you install an app from third-party, your phone may pops up a message like “For security, your phone is set to block installation of apps obtained from unknown sources.” So you may doubt about the safety of the app. Is it safe? Does it contains virus?
Actually, app from unknown source does not mean it is unsafe. But equally we can not trust it completely. The app is not allowed to publish on official site like Google Play Store because it infringe its policy. Facing the situation, the best solution is to find an alternative app on official app store. If you fail to find and really need the app, here is what you need to do:
Check if the app has virus. Go to the official to see whether the app has verified by any anti-virus software. Take InsTube as an example, you know it is verified by CM Security, Lookout Security and McAfee on instube dot com.
Read some decent reviews or comments. Though the app has passed through some safety verification software, the app may still harmful. For example, I want to download SnapTube, which has passed through safety verification, to my Android phone last year. I thought it is safe previously, but I changed my mind after reading some decent reviews. The reviews show that InsTube apk requires many important permissions from my phone, which let me worry about my privacy.
Anyway, consider carefully before installing an app from unknown sources. If you haven’t other option, just download it from its official site.
You can read a review to know why the apps may not that safe;
https://blog.instube.com/is-snaptube-apk-safe/

To check for a Virus drop the app into https://www.virustotal.com or in https://androidobservatory.org/
on open source apps you can look at the permissions being used from the AndroidManifest.xml file
You can run the app on a virtual machine if needed

Related

Is antivirus must for Android

I'm seeing anti virus software for phones, are there any viruses around for android? Is worth wasting RAM and CPU on anti-virus program
I use to have it installed on my android but I have not yet heard of a virus for android platform. I uninstalled it.
Well, antivirus is probably not the right word but an app which will check what you install to see if a malware will be nice...
Lookout might be that tool but i don't know any malicious apps to test it
If you only install software from the Market, you'd probably be fine without anti-virus. And you'd have to make sure not to visit any 'shady' websites on your phone.
I believe it is necessary...
Check out the first Android RootKit:
h-online.com/open/news/item/Android-rootkit-demonstrated-1049183.html[/url]
.. I have Lookout installed for this purpose , and to find my device if I forget it somewhere.. LOL
Like tuxStyle was saying, Im sure if we grant wrong application to access personal information and internet, end result will be very bad.
Im little sceptical Google itself made us vulnerable by tempting to use everything on cloud basis.
One recommendation is when you install apps, check the allowed permission is really necessary. so far I couldn't find any application that allow us to limit in each application . but firewall apps are coming up. we need more.
SlipperyMonkey said:
I believe it is necessary...
Check out the first Android RootKit:
h-online.com/open/news/item/Android-rootkit-demonstrated-1049183.html[/url]
.. I have Lookout installed for this purpose , and to find my device if I forget it somewhere.. LOL
Click to expand...
Click to collapse
Yes but according to the article anti virus cannot detect rootkit

[Q] How can I test an .apk to see if it's "safe" to install?

Hi,
Sometimes an app (.apk) is either simply not available through Google's store, or it might say "not compatible with your device", etc. There can be various reasons why a person might download a .apk from somewhere other than a "trusted" source.
If this was a file for my PC I could test it in a "sandbox", and I could scan it with both Microsoft Security Essentials and Malware Bytes Antimalware.
On my Android phone(s) I'm not aware of something like the "sandbox" option, and I don't really want to run an "antivirus" program on my phone. Is there an easy way to scan .apk files on the PC to see if they are rogue apps, might send SMS, "phone home", or otherwise mess with other applications or the system software installed on my phone?
Lets give another example: say I thought 15 minutes was not long enough to evaluate a relatively expensive Android game (it certainly isn't!) and I want to test it out first. Let's assume my only option in that case might be an illegally downloaded copy from unknown sources. Of course, we shouldn't do that. But if we did, how could we know if the file is safe and not risk installing some Chinese spyware?
About Android AV programs: anybody know how effective they are? Do some defend against "trojans" - I would think these days trojans are 99% of problems and viruses mostly a relic of the past?
My biggest concern is actually just unwanted crap that runs in the background which eats up battery, makes my phone warm (which I hate), or, perhaps even sends SMS message [this would be even worse because I don't have a text message plan].
EDIT: I see web pages with tiles like "new study finds Android antivirus apps not effective" and articles like this one: http://www.zdnet.com/blog/hardware/...bouncer-does-it-offer-enough-protection/17981
Do we have an easy way to boot Galaxy S3 off of "external" SDCARD instead of internal memory?
Search play store for avast antivirus, completely free, updates daily and works really well (firewall. Anti theft. And many more Features
sony xperia ray ics 4.0.4
stock rom unrooted
I found this website, maybe it can help someone.
h t t p://scan.netqin.com/en/
Maybe someone can post another one...
an easy way to check for safe apk
The easiest way to check for safe apk is to have one gmail account and another "whatever" email account. Then just send the apk from the gmail one to the second account, gmail always find viruses in any apk and stop the process to join the file (virus alert). Bad point is you are limited with the size of the file you wanna send.
Nowadays, even pc antiviruses can detect viruses in apks. I would rather not burden my phone with any android antivirus,since they are literally battery hogs.
sent using my HTC One S
Go here and upload the APK
http://anubis.iseclab.org/
Anubis is a service for analyzing malware.
Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.
Andrubis executes Android apps in a sandbox and provides a detailed report on their behavior, including file access, network access, crypto operations, dynamic code loading and information leaks. In addition to the dynamic analysis in the sandbox, Andrubis also performs static analysis, yielding information on e.g. the app's activities, services, required external libraries and actually required permissions.
Found a good one too
apkscan.nviso.be - give it a try. Drag and drop - wait for the upload - than click SCAN . Wait for a few minutes. That`s all. Unlike ANUBIS it has a resolution at the end of the analysis . Usually helpful.
You can also email the file to [email protected] and it will email the report back in about ten minutes. Virustotal can display some interesting info, for example it said that Lucky Patcher is a "Potentially Infected Hosts File (v)", as reported by VIPRE and AVware.
Virustotal also has an official android app.
The Netqin scanner is also an android mobile app.
Late answer, sure, but I think ClamAV is what you want. You also want its bytecode signature file, and to speed things up, you only want that single file (speeds up things quite a bit).
It is the only offline apk scanner i know of, and as for its efficiency i cannot say, but it seems like it is what you are asking for.
An alternative would be to install something like BlueStacks and remap your "Windows shared folder" (through registry) to the folder you have your apk files in, and then run BitDefender on it. BD is by far the most pernickety AV app out there for Android.
I'll have to check out bitdefender (it's also included on virustotal.com)
apkscan.nviso.be seems to be pretty good at analyzing files for suspicious activity, and it also uploads the file to virustotal for you. Then you can copy the sha256 hash into the virustotal's search, to get all the gory details.
anubis.iseclab.org limits files to 8 megabytes.
Another way to avoid malware is:
when installing an update to an already-installed version of an application, it will 99% of the time prompt you to update an existing app. There's been rare instances where some apps do use a new digital signature (for example when spotify had a big security hole, and for awhile there were two apps by spotify in the app store).
One other way to tell, as a final check when launching the apk for installation on the phone: the icon will not have the right icon. I've installed apps before that I thought came from a trusted source, but the icon was not right. In fact, I was considering not posting this publically, so the "bad dudes" would not update their methods.
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
nintendo1889 said:
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
Click to expand...
Click to collapse
I just tried out this site. To me, it appears to be the most thorough virus testing site that I have seen. It takes some time for it to complete the scans. mainly because it scans the file with about 7 or 8 different scanning engines. Just just have to keep refreshing the page every few minutes to see if the results have updated.
I will be using this one as my go to site for apk scanning.
Just install it on the default emulator in the Android SDK
You can also install your apps on other emulator live bluestacks(best for games), jar of beans(best for rooted app) and windroy(the lightest)
Hit thanks if this helps
nintendo1889 said:
I'll have to check out bitdefender ...
Click to expand...
Click to collapse
Your signature photo ... awesome ... Bad Dudes
By using GDATA security , When you want to install an app the GDATA will scan it befor installing
Sent from my LG-D855 using Tapatalk
Use google scanning service VirusTotal to scan any app, secondly always use secure source. There are many well reputed apk sites but I personally use apklink.com , on this site required apk file is just a click away and its quite easy as well...
be safe & secure
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
denise1952 said:
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
Click to expand...
Click to collapse
Malwarebytes can detect malware.
Sent from my LGL84VL using Tapatalk
I tried this site and I like it because it goes into a lot of detail after analyzing and sends me a report in email. It was mentioned, and it is still available to use: https://apkscan.nviso.be/
Thank you for the heads up on MB, I use that on my PC and works great
You can use virustotal.

Question about android security

So i am just wondering, there are so much different apps for android on the market, and most of them has a lot of access to phone's functions. Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Kblavkalash said:
Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Click to expand...
Click to collapse
This question is not really an issue of Android security this is a question about general security. Can an app look at your gmail app directly and copy data and send it out...not exactly no, an app can't forcibly connect itself to another app to scan data.
However...
That question is actually not relevant because such a task is unnecessary for malicious apps. Lets say you install a malicious app that wants to copy your gmail data. What it will do is not watch the app itself but it will watch the network packets being sent to and from the app, logging and tracking those.
This is not the only way to get the data though because any data saved on your sdcard is accessible from an app if you give it permission to do so.
The MOST important thing to look at when installing an app is the permissions the app is requesting when it installs. This can be confusing as well because some apps will request full internet access because they need it but this can also be used by a malicious app to steal your data.
The important thing to do is research. The more you learn about the app the better off you are.
-------
Just to clarify, this applies to all apps of any kind on any platform including but not limited to Android, iPhones, Blackberry, Windows Phone, WebOS, Windows PC, Mac OSX, Linux or etc. - ALWAYS learn as much as you can and are comfortable with before installing anything...if you are not comfortable with a particular app or learning more about it then don't install it. That is not to say it may be malicous, it is just to say it could be a bad idea for other reasons. (for example, if it is a developer tool or a configuration tool that you don't understand or haven't researched enough to understand...then you could potentially damage your device with something that is a legitimate tool)
Kblavkalash said:
So i am just wondering, there are so much different apps for android on the market, and most of them has a lot of access to phone's functions. Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Click to expand...
Click to collapse
edit
MichaelTunnell said:
This question is not really an issue of Android security this is a question about general security. Can an app look at your gmail app directly and copy data and send it out...not exactly no, an app can't forcibly connect itself to another app to scan data.
However...
That question is actually not relevant because such a task is unnecessary for malicious apps. Lets say you install a malicious app that wants to copy your gmail data. What it will do is not watch the app itself but it will watch the network packets being sent to and from the app, logging and tracking those.
This is not the only way to get the data though because any data saved on your sdcard is accessible from an app if you give it permission to do so.
The MOST important thing to look at when installing an app is the permissions the app is requesting when it installs. This can be confusing as well because some apps will request full internet access because they need it but this can also be used by a malicious app to steal your data.
The important thing to do is research. The more you learn about the app the better off you are.
-------
Just to clarify, this applies to all apps of any kind on any platform including but not limited to Android, iPhones, Blackberry, Windows Phone, WebOS, Windows PC, Mac OSX, Linux or etc. - ALWAYS learn as much as you can and are comfortable with before installing anything...if you are not comfortable with a particular app or learning more about it then don't install it. That is not to say it may be malicous, it is just to say it could be a bad idea for other reasons. (for example, if it is a developer tool or a configuration tool that you don't understand or haven't researched enough to understand...then you could potentially damage your device with something that is a legitimate tool)
Click to expand...
Click to collapse
Good answer, you are right!, but you say do a research before installing, but it's not really possible unless you are a programmer and checking whole code The best rated apps still have many different permission requirement and i have no idea what they are doing.
For example app can request a new password change for example on paypal and steal packets which come to my gmail about new password.^^
Security Apps
Hi,
in my eyes the best way is to use programs like PDroid. You cann adjist the rights of every App regarding send SMS for example.
LBE Privacy Guard may be also an Option. (runs not on my Device - SGS+)
(i use Pdroid 2.0)
you should also read the comments in the store, and the needed rights from the app before install. The best Apps to trust are open source apps.
Kblavkalash said:
Good answer, you are right!, but you say do a research before installing, but it's not really possible unless you are a programmer and checking whole code The best rated apps still have many different permission requirement and i have no idea what they are doing.
For example app can request a new password change for example on paypal and steal packets which come to my gmail about new password.^^
Click to expand...
Click to collapse
Research generally involves a Google search...
Editor's Choice in the market are safe bets, you know, the blue icon.
But then there are the millions of other apps, and frankly, I tend to toe the app name plus xda for instance, Google will show you xda threads about the app, if the posts are normal, you can be sure it's not malicious.
Stuff like that...
Also, fake market comments are really easy to spot and are a dead giveaway
Sent from my GT-I9000 using xda premium

repository with pak virus

Hi,
I seek good site with virus for Android. I must test my antyvirus on my mobile phone. Thank you
Android anti-virus are useless.. They just tell you if the app is infected and then to unninstall it..(Some times with fake alert)
If you talk seriously about android device "security", you should put some firewall app and filter the apps internet access and deny some connections. Smartphones are targeted for bot networks very often and if you allow root access to some of these apps they dig in to system and its very hard to remove them, you have to flash new kernel and rom. And the other threat is mostly the annoying adware apk's, but you can upload and scan them in the Nviso web page or with Virustotal. You can made some changes to the host file that is in the root directory of your android phone, there you can block sites that deliver ads with some apps, or use LP which is automated. This is important because some apps are not malicious themselfs, but the sites they connect to are malicious and some times they run bad JS codes in the backround on your phone and you see only some flashing ads on the screen.
Zionx9 said:
Hi,
I seek good site with virus for Android. I must test my antyvirus on my mobile phone. Thank you
Click to expand...
Click to collapse
Download test virus app from play store and run antivirus scan. These app is harmless. It is for test purpose.
If it helped. Please thank me.

How to check whether android was tempered with

Hey,
I bought an android 11 phone from a Chinese website.
It has a Chinese rom and it came open box with google play installed(the seller probably opened it to install it).
My question is, what should I do to make sure there are no viruses, trojans etc. on it.
Is factory reset enough or other measures are required as well?
Also, can I make sure that the recovery/bootloader or other partitions wern't messed with?
Thanks,
Return phone and request refund of purchase price.
Do you mean there is no way of checking?
It's proved that phones produced for and sold in China contains pre-installed software what spies user: it's due to a directive by the Chinese government.
You can check this by monitoring device's network traffic.
And if I'll change it to global rom?
If you have a third-party antivirus app installed on your device, check the app developer's website to familiarise yourself with the expected notification you will see if that app detects a problem.
Whether you want to get rid of malware manually or use a virus removal tool or third-party app — such as an anti-malware scanner.

Categories

Resources