This week, Google removed the popular CamScanner PDF creator app, which has been downloaded more than one million times, from the Google Play store because the app recently started delivering malware. Unfortunately, when it comes to mobile malware, Android phones have the dubious distinction of attracting more than their fair share, and that malware can range anywhere from annoying popup ad delivery services to sophisticated mobile spyware that allows a hacker to spy on your every action. So if you think you have a virus on your phone (see the 5 Signs below), you definitely want to take these steps to remove it.
1. Uninstall any suspicious apps
Spotting an app you don’t remember downloading can be a red flag. And other apps, especially free apps from small developers, may contain adware. So if you see apps you don't need, uninstall them, just to be safe.
To uninstall apps, head into Settings > Apps and Notifications > All Apps then click on the app in question. This should bring up its dedicated screen with an uninstall button, which might be enough to remove the malware. However, if the uninstall button is greyed out, the app may have gained admin access, making it trickier to remove.
In this case, head to Settings > Security & location > Advanced > Device admin apps, and check if any apps are in that list that shouldn’t have such deep access. If so, you can tap on the app to deactivate it, which should allow you to uninstall it from the Apps & notifications menu.
2. Run an antivirus scan
The most certain means of confirming malware on a device is to run an antivirus scan. Mobile antivirus can automatically scan downloads and warn about apps that might leak personal information, allow pop-up ads on your device, or drain your phone battery.
Major security software providers such as Kaspersky, Avast, Norton and AVG also have Android apps, some of which are paid-for, but all offer a free option. There are also well-regarded mobile-only providers, such as Lookout Security. Whatever you do, don't just download some random security app from Google Play, many of these apps do nothing and some can even create security issues of their own.
Head into your antivirus app and select a scan, which should then flag the exact apps that are presenting a threat to your device. You may be able to remove the malware directly from the app, or you may need to manually uninstall it from Settings > Apps & notifications. If the first scan doesn't find anything, you may want to download a second antimalware app, since we have found that security programs can vary in which virus apps they detect.
(It’s worth noting that antivirus apps can also eat up a lot of phone battery, especially if you enable a continuous scan feature.)
3. Factory reset the phone
If uninstalling the suspicious app(s) doesn’t stop your phone from popping up annoying messages or worse, you may need to take the nuclear option of performing a factory reset, which will clear your phone of all data.Make sure you have your photos and media backed up, and any messages you may want to save, then head to Settings > System > Advanced > Reset options > Erase all data.
4. Stop the malware from being re-installed
Once your phone is clear of malware, it’s a good idea to be wary of what you download and where you download from. Always download apps from Google Play or other trusted sources and only download apps you really need and know are safe – even then, keep a sharp eye on whether you’re really downloading that popular game you keep reading about, or only a clever fake.
While your phone may display clear symptoms of a malware infection, often, malicious apps lay dormant on the phone. Instead, the damage shows up as a charge on your bank card or a phone bill with unusually high data charges.
“Everyday users don't usually discover something's wrong until it’s too late, as it’s difficult to detect malware with a non-armed eye, especially in the case of sophisticated malware that might, for instance, hide SMS notifications or work only when the device is charging [so that the user doesn’t notice],” says Alexey Firsh, malware analyst at Kaspersky Lab.
That said, many forms of less sophisticated malware will produce symptoms in an infected phone.
Decreased battery life. If you’ve inadvertently downloaded a cryptocurrency miner, it’s likely your phone’s battery life will drop far quicker than normal, Firsh says. Though there can be many other causes of Android battery drain.
Phone functions more slowly. Malware that is constantly sending information back to a mothership may hog your phone’s processing power, resulting in its general performance slowing down.
Higher data usage. Similarly, information-stealing apps as well as data miners can use up a lot of data – so check your settings to see how your monthly allowance is doing. Other malware that might reveal themselves in bandwidth usage include apps that secretly harness your device for use in distributed denial of service (DDOS) attacks to freeze other sites, Firsh notes.
Suspicious notifications from banks and unknown services. If banking malware steals your details, it might result in your bank – or another financial institution – notifying you of charges or even new accounts opened in your name. SMS malware might also reveal itself in premium text services sending you notifications of the fees you’ve just paid.
Pop up ads. Seeing a lot of pop-ups while you browse the mobile web? You may have been infected with adware. “Popups can mean that malware has installed itself within the OS and has a trigger for a popup based on common ways that users would operate their phones,” Galindo says. The idea is to engage users when they’re most likely to click on an ad or offer, thereby downloading another bit of malware that has the potential to cause greater damage to their device or data.
And even if you phone doesn't have malware, keep in mind that there are other ways your phone can be hacked.
[Image credit: infected phone concept via BigStockPhoto]