More than a billion Android devices are at risk of being hacked because they are no longer protected by security updates, and this vulnerability could leave users around the world at risk of data theft, ransom demands and other malware attacks.
Anyone using an Android phone released in 2012 or earlier should be particularly concerned: two out of every five Android users worldwide are no longer receiving security updates.
Google’s own data indicates that 42.1% of Android users around the world use Android version 6.0 or below on their phones. According to the Android Security Bulletin, no security patches were issued for Android in 2019, especially versions below 7.0.
Five phones were tested and the anti-virus lab AV was asked to infect these devices with malware, which led to the creation of multiple infections on some of these devices, as follows:
- a Motorola X
- a Samsung Galaxy A5
- a Sony Xperia Z2
- an LG/Google Nexus 5
- a Samsung Galaxy S6
Note that these results were shared by Watchdog with Google, but the technology giant “failed to provide reassurance that it has plans to help users whose devices are no longer supported by security updates,” noting that Google is required to provide more transparency about the period during which updates will be provided to smart devices.
watchdog said the mobile industry needs to do a better job of providing support to customers about their options once security updates are no longer available.
News editor Kate Bevan said: “It is deeply concerning that expensive Android devices have such a short shelf life before they lose their security support, leaving millions of users vulnerable to serious consequences if they fall victim to hackers.
“Google and phone makers need to be clear about security updates – with clear information about how long they will take and what customers should do when they stop.”
“The government must also push ahead with legislation to ensure manufacturers are more transparent about security updates to smart devices – and their impact on consumers.”
How to check if your Android phone is vulnerable to hacking and what to do
- If your Android device is more than two years old, check if it can be updated to a newer version of the current operating system. If you are using a version earlier than Android 7.0 Nougat, try updating via Settings > System > Advanced System Update.
- If you can’t update, your phone may be vulnerable to hacking, especially if you are using Android version 4 or lower. If so, be careful not to download apps from outside the Google Play Store
- Also be careful of suspicious SMS or MMS
- Back up your data from your phone in at least two places (a hard drive and a cloud service)
- Install an antivirus program for mobile phones. We advise you to view a set of The best antivirus programs for Android phones
