Check If Your Android Device Has Been Infected

Surely you already know that the Android operating system is an open source system and any programmer can contribute with their own applications and developments. It is for this reason that the security of Android devices is often compromised, being very vulnerable to viruses, Trojans and malware.

For the most part, these problems come from installing third-party applications, unsigned and downloaded from unofficial Google stores, but even then we can’t be 100% sure that we are not infected.

The consequences of an installation of this type of virus may mean the theft of your files, passwords, or even impersonating your identity. Although in most cases, the attacker will simply show you a lot of unwanted advertising.

Next we’ll show you how to check if you have one of these apps installed, and how to remove them safely and without leaving a trace.

Types of Malware

Phising

Most of the time, user data is stolen using phishing techniques. Phishing is nothing more than supplanting the identity of a brand or service of recognized prestige by imitating its way of notifying or logging you in order to access, and instead interposing a website that has nothing to do with them.

For example, you can receive a link through Whatsapp or SMS, where you put the text “facebook” in a link, but click on it to send you to a page that appears to be facebook but is hosted in a domain type “facebook-com.fakeserviceacceslogin.com”, which as you can see does not go to the facebook service but begins with that text.

We will enter without realizing it and we will put our username and password…. making the work to the attacker.

Double-check when prompted for a password

When an attacker gets that data, he can even use it to extract money from bank accounts. In other cases, they try to build trust through social networks with your family and friends to try to steal their data as well as their accounts, etc. This technique is really efficient, as it allows the virus to spread exponentially and has been used a lot in the past.

Through a link like “My photos this summer“, they usually try to get people to click, as it is not very suspicious a link of this type that comes from a family member and friend.

Nowadays everyone uses their telephone to read the mail or access their banking service, so the reception of this type of messages does not usually alert the victim, who sees it in a shortened manner due to limitations of the device and is not aware of the 2 faults that usually cause the alarms to go off:

  • the sender of the message is not the correct one
  • the link we click on is not the real one, but directs to a very similar domain.

As this type of attack is becoming more common, messaging companies are developing increasingly powerful technologies to stop or at least warn of possible threats.

Adware (unwanted ads)

The most common form of virus in Android however, are apps with adware. We know as adware the technique by which the attacker displays advertising on the terminal of the victim in a very annoying way, in order to make money through advertising (ads).

The most used techniques to install this apps are promissing new functionalities through plugins for whatsapp or facebook, such as new sticker options, keyboards, wallpapers or tools to know who is looking at your profiles.

Most ads emphasize that clicks as soon as possible, to generate an even higher income, pushing us with phrases like “limited promotion” or “you’ll lose all information if you don’t…”.

Identify if your phone is infected

You can identify possible viruses or malwares if your terminal begins to suffer the following symptoms:

  1. Your phone asks for additional permissions on some apps: There are viruses that try to get additional permissions that allow them to replicate and even install apps themselves. To do this they apply for new permits.
  2. New apps you didn’t install: There is malware that downloads apps without your permission to charge for those installations. It is usually related to the first point, first ask for additional permissions and once obtained, proceed to install if your permission.
  3. Excessive ads and in senseless places: For example on the blocking screen, when opening official applications, or simply when you have your mobile on the table and you are not touching it. If you see advertisements in these circumstances you very likely have a virus in your terminal.
  4. Your phone bill increases at the end of the month: Another type of malware relies on the phone companies in each country to subscribe to premium services and charge you at the end of the month on your bill. Many times you will not be able to undo or unsubscribe when calling the operator, and this is because you have an application of this type subscribing without your permission again and again to all kinds of services.

How can we clean everything?

If you are affected by one more virus, our advice is to install an additional antivirus or antimalware. There are free options that allow you to protect your phone in exchange for few resources, such as AVG Free or Avast Mobile Security. Remember that if you download any antivirus from the official google store, the play store, do not install an additional virus!

Once infected, you can try to delete all the applications you don’t use regularly, and all those you don’t remember installing. Go to Menu > Settings > Apps Manager and uninstall everything that “doesn’t sound familiar”. Ultimately, you can back up all your data, and reset your terminal to factory settings, so you can start from scratch.

If you choose the latter option, remember the gold tips:

  • Download only apps from the google play store
  • Be wary of download links even if they come from an acquaintance
  • Don’t install applications that add “magical” features to other apps
  • Don’t click on weird links
  • Check the websites where you enter your password or personal data
  • Periodically backs up all important information so you can return to factory status.
  • If you don’t trust another virus… install a good antivirus.

We hope that these tips will finally get rid of those annoying viruses that affect your device.

How to remove malware in Android step by step

If you notice that your Android phone is running a little slow, shows ads in places it didn’t before, or burns the battery, it’s very possible that you have a virus on your device.

Removing these viruses is much easier than it seems, and in this article we’re going to explain how to do it.

The viruses that can affect Android are very varied and one of the best ways to avoid them is to install only applications catalogued as “safe” within Google Play itself.

This way we’ll ensure that Google deletes applications directly from our device if it detects any security breaches affecting them.

The steps therefore and at general level will be:

  • Put it in safe mode.
  • Removes administrator status if necessary
  • Uninstall the app
  • If everything fails, you should be able to eliminate any type of error or configuration by resetting the factory, previously making a backup.

Avoiding Viruses and Malware

Before detailing the previous steps, we would like to review ways that will prevent you from becoming infected in the future. They are very simple tips, and practically common sense so you’ll easily keep your Android system free of viruses from now on.

  • Don’t install applications from outside Google Play unless you know 100% that it comes from a reliable source. In case you do, once installed restore the value of “unknown sources” from the configuration menu->security
  • Avoid “clone” applications: Many times, those responsible for creating a virus/malware take a genuine application and clone it by adding the trap code inside. Then they upload them to the Google Store for a while (which takes google to realize) so that people install their version instead of the real one. They also upload these versions to external repositories, where we will not be able to verify their authenticity.
  • Keep your Android version up to date: Always have the latest version available for your device. This will ensure that malicious apps do not take advantage of holes already located and corrected in the operating system.
  • Install an antivirus: It is not necessary to install an antivirus by default, but if you want to be much calmer you can put one, as they also usually bring cleaning applications and system utilities that can be useful. One of the lightest is bitdefender, but any of the big ones can serve us.

Deep cleaning step by step

Put your phone in safe mode. This temporarily blocks any “non-factory” application, including any type of malware.  You can usually get to safe mode by pressing the shutdown button until the “restart in safe mode” option appears.  

If this technique doesn’t work, google “How to put [cell phone model] in safe mode” and you should be able to find out how to do it.

Then open the configuration menu and choose “applications”, select the

“downloaded” tab and check the name of those applications that look suspicious or that you don’t know if you downloaded or not. Then uninstall them

In most cases this will be enough to get rid of the viruses in your terminal, but in some cases you will notice that the uninstall button will be disabled... this will indicate that the virus has taken over as administrator and it will be somewhat more difficult for us to get rid of it.

Exit the application menu and click on Settings > Security > Device Administrators. In this list you can see all applications that have “administrator” status. Simply uncheck the box of the application to be removed and then click “deactivate“.

Now you can go back to the applications menu and delete it regularly.

After cleaning, just restart the device one more time to exit safe mode.

At this point remember to make a backup copy of your data, and remember to respect the simple rules that we have explained in this article to prevent future problems.