Do you have an Android™ phone? Have you tried to root it in order to customise it and run unsanctioned apps on it?
To root or not to root? The answer to that question is no! We strongly urge you not to root your Android because an increasing number of threats discovered by Trend Micro’s eager team of researchers are being targeted at rooted Android phones
The latest is a malicious file designed to turn your Android phone into a zombie device – one that can be remotely controlled by hackers as part of a botnet and presumably used to send out spam and launch denial of service or other attacks.
The malware for this particular attack was designed specifically to run on rooted Android smartphones and is therefore likely to spread through app stores that aren’t affiliated with Google, disguised as a legitimate application.
We can’t tell specifically what plans the hackers have for this piece of malware as it was cleverly engineered to make analysis difficult, but it should be a warning to users thinking of going off piste with their device.
Now we all know why rooting – or jailbreaking, if you’re an iOS user – seems like a good idea. Many users feel restricted by the rules put in place by Apple or Google and they want to break free. Rooting can give them more control over the device and what can and can’t be downloaded on it.
But, honestly, expanding the number of apps you can put on your device is only going to introduce extra risk. Stick to Google Play and keep your phone as the manufacturer intended in order to minimise the chances of you getting hit by the next big attack.
Trend Micro has produced a handy five-step guide on how best to secure your Android phone.
Remember: the mobile platform is a hit with users but also cyber crooks. Don’t be the next victim.
Tony Larks works for Trend Micro and is guest blogging for the Fearless Web. The opinions expressed here are his own.
Get more tips, advice, and alerts on Internet security, just “like” Trend Micro Fearless Web Internet Security on Facebook at www.facebook.com/fearlessweb.