Android's security vulnerabilities are due to its open-source licenses, which allow phone manufacturers to adapt and update the system's source code as they see fit. That flexibility was part of the system's appeal for developers, driving its early adoption and success, but it's also led to wide-ranging security vulnerabilities.
Google revealed just after Thanksgiving that over 1.3 million Google accounts were compromised due to an extensive malware campaign security researchers called "Gooligan." Cybersecurity firm Check Point, which first discovered the breach last year, said it affects Android users who downloaded third-party apps from the Android app store.
Check Point estimates that roughly 13,000 new devices are being infected with Gooligan every day. After downloading an app, a user's device immediately becomes infected with malware that allows the hackers to steal authentication tokens that can be used to access data from Gmail, Google Photos, Google Docs, Google Drive, and more. You can find out if your Android device was targeted in Gooligan for free on Check Point.
But Gooligan isn't the only malware campaign around, and it won't be the last. How do you find out if your Android phone has been hacked
Unfortunately, there are few easy ways to tell, and avoiding third-party apps isn't a full-proof way to avoid being hacked. If your Android device has a Qualcomm chipset, it's already vulnerable to hacking. Check Point discovered four security vulnerabilities in the Qualcomm chipset.
You can help protect your phone by only downloading apps from the Google Play store, avoiding apps from third-party sources (i.e. an unauthorized app to play YouTube videos), and constantly downloading security updates. You should also avoid a rooted phone—one that's been modified to allow you to install software the manufacturer typically wouldn't—because they are far more susceptible to being breached.
If you do suspect that your Android phone has been hacked, a factory reset may be the only option. But in many cases, it won't work. The only course of action is then is to shut off your Android phone, change all the passwords to your necessary accounts, and get a new device.
Here are some signs that your Android phone may be hacked.
1) Shady apps are running in the background
Is your phone going through a lot of data lately? Is your battery life draining quicker than usual? That may be because of the result of spyware. According to Android Authority, spyware apps use a lot of data since they are constantly running in the background.
To check on your Android's data usage, go to Settings, then "Data Usage," and look under the "App Usage" category.
2) Pop-up notifications at every turn
Are pop-ups ads for apps appearing out of nowhere? Are you getting strange messages telling you that you've been breached and asking you to download a free anti-virus software? You may have malware already on your phone.
3) Unauthorized purchases on your credit card or posts on Facebook or Twitter
Keep an eagle's eye on your bank account and social media for suspicious activity. Even if you don't store your credit card information online, hackers who have access to your personal details can often guess at your password. A transaction that you don't recognize could be the first sign that you've been the victim of an Android hack.
4) Random shutdowns
Does your phone suddenly shut down for no reason? Does it restart without you prompting it? This should be a major red flag.
"If you believe that your phone’s software is stable and updated, then random reboots or shut downs can mean your phone has spyware software installed," Joy of Android wrote. "An unstable third-party app might also be causing this."
Looking for more help with your Android device? Here's how to find your lost phone using Google Search, the 6 best video chat apps for Android, and our picks for the best privacy and security apps for Android phones.