Mobile Malware? You May Be Under Attack

Hand holding a phone with colourful bokehs

Imagine downloading an application on Google Play Store. Everyone uses it – in all senses of the word, this app is ‘legit’ and you’re here to give it a try. The well recognised logo now sits on your welcome screen and you’re navigating like a pro in no time, but you now have a Trojan virus on your phone. It’s time to wake up and smell the C – malicious software (malware) isn’t just a computer thing, and if you haven’t been warned, you are more vulnerable to mobile malware than you think!

Where does mobile malware come from?Lone, ungarded phone on the table

Image credit: Unsplash

The incident we alluded to was a malware attack on the Google Play Store detected mid-last year. Bundled with 34 Google Play apps including maps, dictionaries and barcode scanners, the malicious program had been installed more than 100 million times. The malware in question: a clicker-trojan that continuously directs online traffic on the compromised device to certain sites, with the aim of generating fraudulent click-through revenue. Certain versions retain user information stored on the device and attempt to subscribe the user to expensive premium plans. The trojan works quietly in the background, all while the app functions normally. Freaky.

Visiting dubious sites or downloading illegally can also introduce unwanted programs into your mobile device. Illegal streaming, a form of temporary download, and other forms of online piracy are a common source of malware, including on your mobile device. Unsafe browsing can also put you at risk of drive-by downloads, triggered without the user’s knowledge or permission. Such sources are often backed by entities looking to make a dishonest buck, as if you needed further reason for caution.

#TiqOurWord Skip the paranoia and take surety instead. Tiq’s Personal Cyber Insurance covers you against a wide range of online mishaps, including phishing, theft of credit card details and impersonation attempts. Browse with confidence, we’ve got your back.

Types of mobile malware

Mobile phone in the dark

Image credit: Unsplash

Mobile adware, known in digi-speke as madware, is one of the broadest categories of mobile malware. These programs aggressively display advertisements on your mobile device in order to register more impressions and earn more advertising revenue. The ads can come as promotional text messages, banner notifications, audio messages and more.

In 2015, the fraud detection company Forensiq identified more than 5,000 fraudulent mobile applications available on both Android and Apple devices that continued to run, even when not in active use, displaying thousands of invisible ads on each mobile device every day. That year, marketers lost an estimated $1 billion to advertising fraud.

Agent Smith malware replaces legitimate apps with malicious decoys. These programs appear to function normally but spam the user with ads while in use. As recently as 2018, Agent Smith malware infiltrated 11 apps on the Google Play Store. Google has since removed all corrupted apps.

Cryptojacking refers to the covert hijacking of computers and mobile devices, stealing computing resources for the purpose of ‘mining’ cryptocurrency. From slow performance to dismal battery life and a shortened device lifespan, cryptojacking is a menace you may not know to be wary of.

Mobile spyware is a highly developed niche industry, with options for those who want to monitor the activities of their loved ones and subordinates. Mobile spyware can be installed as simply as opening an email or clicking a link, no further permission required. One such application is Highster Mobile, a spy app that provides the surveillant party with access to the device’s camera, text messages, call logs, web browsing history, GPS location and social media apps, all while in covert mode. That means we’re all at risk.

Flashback malware is designed to steal login credentials saved in your device, granting external parties potential access to your online accounts. The worst part is once your information gets into the wrong hands, you have no way of knowing how it will be used. Remember Sephora? A data breach placed the private information of 3.7 million customers worldwide for sale on the dark web.

How to avoid mobile malware

Hand holding a mobile phone and scrutinising for mobile malware

Image credit: Unsplash

The easiest way to keep your device safe is to only download from legitimate sources. Third-party app stores are fraught with dangers, so stick to the Google Play Store or the Apple Store for mobile apps. If you’re purchasing new software, check that you are transacting with an authentic, licensed distributor. Meanwhile, choose safe streaming apps like Netflix and Hulu instead of downloading media from illegal sources.

Be careful what you click. If someone you know has sent you a strange looking message or link, don’t click it before checking with them first.

You should also stay vigilant when using apps on your device. Keeping a lookout for malicious content or excessive ads with no relation to the app can help you tell whether your device has been compromised.

Slower performance and a drastic decrease in battery life can be indicative of cryptojacking, madware or any number of clandestine activities occurring on your device, so seek professional help to identify unauthorised background functions. You may also choose to install a mobile anti-virus software, which can intercept installation of malware.

#TiqOurWord Anti-virus programs are not bulletproof, and for the ill-intentioned odds and ends that slip through the cracks, you’ll thank yourself for having Personal Cyber Insurance. We’ll even cover the cost of rooting out viruses and restoring your data on compromised devices. The dangers of the Internet are very real, but you won’t be facing them alone.

Eyes wide open

Even the most careful Internet user cannot be completely safe online. Even e-commerce sites as established as Love, Bonito have become the data breach – late 2019, an attack on the platform exposed the personal information of approximately 3% of its customers. Meanwhile, the Singapore Red Cross’ database has been compromised to reveal the appointment information of more than 4,000 prospective blood donors. You can never be too careful. It’s a good thing you’ve got us in your corner.


Information is accurate as at 10 January 2020. This policy is underwritten by Etiqa Insurance Pte. Ltd. (Company Reg. No. 201331905K).

Tiq by Etiqa Insurance Pte. Ltd.

A digital insurance channel that embraces changes to provide simple and convenient protection, Tiq’s mission is to make insurance transparent and accessible, inspiring you today to be prepared for life’s surprises and inevitabilities, while empowering you to “Live Unlimited” and take control of your tomorrow.

With a shared vision to change the paradigm of insurance and reshape customer experience, Etiqa created the strong foundation for Tiq. Because life never stops changing, Etiqa never stops progressing. A licensed life and general insurance company registered in the Republic of Singapore and regulated by the Monetary Authority of Singapore, Etiqa is governed by the Insurance Act and has been providing insurance solutions since 1961. It is 69% owned by Maybank, Southeast Asia’s fourth largest banking group, with more than 22 million customers in 20 countries; and 31% owned by Ageas, an international insurance group with 33 million customers across 16 countries.

Discover the full range of Tiq online insurance plans here.



Be the first to know
Get the latest promotions and news

Please share with us which topics interest you:
Financial Planning
Health & Wellness
Travel & Leisure
For the Millennials
Promotions & Giveaways

I consent and agree for Etiqa Insurance to collect, use and disclose the personal data above for the purposes of validation and sending, via telephone calls and text message. Read Etiqa's Privacy Policy [here]