I am pretty sure you guys have read about the recent virus outbreak on Android. If you haven’t, well, there has been one (again) yesterday. Codenamed “Gemini”, its one of the most sophisticated Android malware on earth so far. It has capabilities of sending your personal data to a remote server. To make things worse, its also said that the application can interact with that particular server to execute commands on Android!
The good news is, the virus is only affecting third-party applications from China so far. So if you are not using any of them, then its likely that you are on the safe side. One thing is for sure, for such a command to be executed, root access is required. Hence, if you are using your phone out-of-the-box, then its even lesser chance to be on your phone; if its there, it will do lesser damage.
So what does this Android virus outbreak mean? What should we do? Why is a virus landing on a Linux-based Operating System?
Wh not? First of all, these virus alert shows us that no matter how secured a system is, with proper skills and ample time, it still can be vulnerable in a way or another. Technology fact is simple. What is created by humans, can be reverse-engineered by humans themselves, because at the end of the day, digital products are binary-oriented following a logic anyway.
Why it landed on Android is clear. Android is becoming the next Windows OS on mobile platform. The number of new devices unlocked daily is about 300,000 at the time of writing. That’s a million devices in less than four days! The OS itself is open source which means anyone can read its source code and compile his own version. Not only that, mobile phone is a lot more personal than the computer to the owner. Phone owners store their very sensitive information on the mobile phone; stuff that they don’t even put on their computers. Wondering if its you? Think about this. You have a whole phonebook with numbers, e-mails and maybe even home addresses in your phone. You have your Google account setup with full access to the whole phone – including to the market for purchasing applications using Google Checkout – which stores your credit card information. Of course, Google is secure and they have taken measures not to jeopardize your personal information. But remember what I said about humans and reverse engineering earlier?
There are some measures that you can take to protect yourself. Of course it would be silly to ask you not to save your contacts on the phonebook or remove accounts from the sync settings.
First of all, do not root your phone if you really don’t have a reason to. Especially if you have no idea how powerful root access can be. Granting superuser privileges to an application means ‘opening a door without knowing who is on the other side’. This is also one reason why rooting is still not openly adapted by most of the hardware manufacturers. Its for the majority of the users who don’t understand the risk rather than the minority who does. So, don’t root your phone if you don’t know what you are doing.
Secondly, do not simply trust external third-party applications outside of the market. By default, all Android devices do not allow unknown application source installation, but this can be enabled in the settings. So its you who will jeopardize your phone and not the hardware manufacturers or Android OS itself.
Thirdly, do not support piracy. In compliance to the above statement (installing external third party applications), do not easily trust a legit application distributed illegally over the internet. You never know, what seems to look like a legit application may not even have the application’s content.
It is not the end of the world. Don’t panic. You have definitely seen worse days on your PC in the past. Its just better to be safe than sorry. Keep these in mind and always take an extra step to verify your actions and the consequences it may cause. That will keep you out of danger.