Antivirus usability on the phone
The main way to infect a phone running Android is to install applications from third-party resources. Files infecting the phone in this case are files with the .apk extension:
APK (English Android Package) is an archived executable file format for Android applications. Each Android application is compiled and packaged into one file. Files of this format are not encrypted; they are a subset of the ZIP archive format.
Types of viruses on Android:
All of them are divided into 2 types:
')
- Fake - the name and icon of some well-known application is used, but inside there is only malicious code. Most viruses of this type;
- Trojan Horse - a malicious code is added to a normal application, which works together with the application.
Ways to scan a file for viruses:
The main drawback of checking the application for viruses from the phone is the need to install this application, which means it is necessary to put the phone at risk, unlike checking from a PC, where you can check the file itself, without having to install it.
Also, a significant drawback would be that the phone antivirus databases are not perfect, if the virus that your phone is infected with is not in the database, then the only option would be to roll back your device to the factory settings.
The method of evisceration, requires certain skills and is not available to the ordinary user.
Dependence of antiviruses on administrative rights.
Many viruses at the moment either hide the list of confirmation of permissions, or request administrative rights.
What is it fraught with? Let's start with the fact that an application with administrator rights cannot be deleted via the application management menu in the settings, this will require taking administrative rights away from this application, but at the moment the attackers insert a script that does not allow this and even tries to overload the device’s memory, forcing it to close settings through the application manager.
Also, an application with administrator rights can affect other applications without the need to confirm, thus, the malware can change the text in antivirus programs and the results of the checks.
What conclusion can be drawn from the foregoing? The most important thing is, of course, you don’t need to download the application from third-party sources, and if you’ve done it, it’s better to check it for viruses using antivirus on your PC, but if there is no such possibility, then carefully examine the file for the questionable name , as well as suspicious access permissions.
And regarding the usability of antiviruses on Android phones, it’s hard to say something unambiguous, but I believe that an antivirus on the device will be useful, except to an inexperienced user, in order to prevent accidental errors. In the case of an experienced user, he has enough awareness to avoid infecting his device.
Are there any viruses on iOS? The first thing I want to start with is to understand a certain generally accepted opinion that there are no viruses on iOS devices at all. They are, but very few, for some reason.
The first and most important thing is that the virus makers are not interested in writing viruses on this mobile platform, since in the overall ratio of the entire mass of Apple mobile devices, gadgets occupy a niche, according to various estimates, from 3 to 10 percent.
The second reason that there are so few viruses on iOS devices is that this operating system is currently the safest, at least one of the best for the owners and there are explanations. The closedness of the system itself from third-party downloads, if it concerns applications, then this is only Eppstor. Regarding the exchange of photos, videos, audio recordings, then only verified own software on the owner's computer - iTunes or only between Apple devices, which blocks the possibility of downloading files from incomprehensible unverified sources to the device. Although it may be noted that the company from Cupertino allowed its users to download only photos and videos without using iTunes, on any desktop. It’s not about downloading a photo or video to the device itself (through the root system on a computer).
But there is also a way around this “protection” of the OS, many have probably heard about it - Jailbreak on different versions of iOS.
A jailbreak is a procedure (and not software) that allows you to open access to the file system of a mobile device on the iOS platform. Allows you to install custom (custom) themes, tweaks, but most importantly - download third-party software - not from Eppstore. It is noteworthy that such a process the Library of Congress did not consider copyright infringement (as you can download anything for free) and allowed iPhone owners to conduct such a procedure in the United States.
The Cupertini people themselves do not officially support the use of this loophole. After the jailbreak procedure, the license agreement is violated, and the owner of the Apple device is deprived of the right to technical support and warranty. However, if the owner updates the iOS version to a new one or restores it, he will remove traces of exploiting the vulnerability and find out if the jailbreak has been installed on the device previously will not be possible.
The second "stage" of OSE protection
This is her own code, a method of writing. Initially, with the release of the first iPhone 2g, only Apple’s own products / widgets — calendar, photo, browser, and the like — were installed on the phone. Later, with the development of technology, Apple was able to expand the capabilities of the owners, and the system was open to application writers that could be downloaded from the Appstore.
Thus, it is possible to understand how virus protection occurs, but which viruses exist on this platform are, in general, the same as on Android smartphones:
⁃ Identity theft;
⁃ Sending SMS, calls to premium numbers;
⁃ Download and silently install other third-party software;
⁃ Conduct covert surveillance (using a microphone, camera, interception of calls);
⁃ Sending messages in social networks on behalf of the owner.
BUT! It is important to note that all these viruses can only be distributed to modified software, that is, to an iOS device with a jailbreak. In normal everyday use, it is impossible to “catch” any virus.
It is based on all of the above that the uselessness and the absence of Anti-Virus software in the Appstore is conditioned. The only type of antivirus software, so to speak, which is in the Appstore, is the application for checking and protecting untested, as well as any Internet connections. Connections such as: public network (cafe, bar, cinema, metro, etc.), as well as home network. Securing a VPN connection, since it can also be used by an attacker as a way of tracking and intercepting data.
APK (English Android Package) is an archived executable file format for Android applications. Each Android application is compiled and packaged into one file. Files of this format are not encrypted; they are a subset of the ZIP archive format.
Types of viruses on Android:
- Virus stealing funds from the balance of the phone;
- Virus stealing information;
- Viruses extortionists.
All of them are divided into 2 types:
')
- Fake - the name and icon of some well-known application is used, but inside there is only malicious code. Most viruses of this type;
- Trojan Horse - a malicious code is added to a normal application, which works together with the application.
Ways to scan a file for viruses:
- Directly with the help of antivirus on the phone;
- Using antivirus on PC;
- Gutting .apk.
The main drawback of checking the application for viruses from the phone is the need to install this application, which means it is necessary to put the phone at risk, unlike checking from a PC, where you can check the file itself, without having to install it.
Also, a significant drawback would be that the phone antivirus databases are not perfect, if the virus that your phone is infected with is not in the database, then the only option would be to roll back your device to the factory settings.
The method of evisceration, requires certain skills and is not available to the ordinary user.
Dependence of antiviruses on administrative rights.
Many viruses at the moment either hide the list of confirmation of permissions, or request administrative rights.
What is it fraught with? Let's start with the fact that an application with administrator rights cannot be deleted via the application management menu in the settings, this will require taking administrative rights away from this application, but at the moment the attackers insert a script that does not allow this and even tries to overload the device’s memory, forcing it to close settings through the application manager.
Also, an application with administrator rights can affect other applications without the need to confirm, thus, the malware can change the text in antivirus programs and the results of the checks.
What conclusion can be drawn from the foregoing? The most important thing is, of course, you don’t need to download the application from third-party sources, and if you’ve done it, it’s better to check it for viruses using antivirus on your PC, but if there is no such possibility, then carefully examine the file for the questionable name , as well as suspicious access permissions.
And regarding the usability of antiviruses on Android phones, it’s hard to say something unambiguous, but I believe that an antivirus on the device will be useful, except to an inexperienced user, in order to prevent accidental errors. In the case of an experienced user, he has enough awareness to avoid infecting his device.
Are there any viruses on iOS? The first thing I want to start with is to understand a certain generally accepted opinion that there are no viruses on iOS devices at all. They are, but very few, for some reason.
The first and most important thing is that the virus makers are not interested in writing viruses on this mobile platform, since in the overall ratio of the entire mass of Apple mobile devices, gadgets occupy a niche, according to various estimates, from 3 to 10 percent.
The second reason that there are so few viruses on iOS devices is that this operating system is currently the safest, at least one of the best for the owners and there are explanations. The closedness of the system itself from third-party downloads, if it concerns applications, then this is only Eppstor. Regarding the exchange of photos, videos, audio recordings, then only verified own software on the owner's computer - iTunes or only between Apple devices, which blocks the possibility of downloading files from incomprehensible unverified sources to the device. Although it may be noted that the company from Cupertino allowed its users to download only photos and videos without using iTunes, on any desktop. It’s not about downloading a photo or video to the device itself (through the root system on a computer).
But there is also a way around this “protection” of the OS, many have probably heard about it - Jailbreak on different versions of iOS.
A jailbreak is a procedure (and not software) that allows you to open access to the file system of a mobile device on the iOS platform. Allows you to install custom (custom) themes, tweaks, but most importantly - download third-party software - not from Eppstore. It is noteworthy that such a process the Library of Congress did not consider copyright infringement (as you can download anything for free) and allowed iPhone owners to conduct such a procedure in the United States.
The Cupertini people themselves do not officially support the use of this loophole. After the jailbreak procedure, the license agreement is violated, and the owner of the Apple device is deprived of the right to technical support and warranty. However, if the owner updates the iOS version to a new one or restores it, he will remove traces of exploiting the vulnerability and find out if the jailbreak has been installed on the device previously will not be possible.
The second "stage" of OSE protection
This is her own code, a method of writing. Initially, with the release of the first iPhone 2g, only Apple’s own products / widgets — calendar, photo, browser, and the like — were installed on the phone. Later, with the development of technology, Apple was able to expand the capabilities of the owners, and the system was open to application writers that could be downloaded from the Appstore.
Thus, it is possible to understand how virus protection occurs, but which viruses exist on this platform are, in general, the same as on Android smartphones:
⁃ Identity theft;
⁃ Sending SMS, calls to premium numbers;
⁃ Download and silently install other third-party software;
⁃ Conduct covert surveillance (using a microphone, camera, interception of calls);
⁃ Sending messages in social networks on behalf of the owner.
BUT! It is important to note that all these viruses can only be distributed to modified software, that is, to an iOS device with a jailbreak. In normal everyday use, it is impossible to “catch” any virus.
It is based on all of the above that the uselessness and the absence of Anti-Virus software in the Appstore is conditioned. The only type of antivirus software, so to speak, which is in the Appstore, is the application for checking and protecting untested, as well as any Internet connections. Connections such as: public network (cafe, bar, cinema, metro, etc.), as well as home network. Securing a VPN connection, since it can also be used by an attacker as a way of tracking and intercepting data.
Source: https://habr.com/ru/post/350194/
All Articles