Can you get viruses on Android?

The double espresso and bagel you ordered wasn't cheap, reminding you it's been a while since you checked your bank account. You pull out your Android phone, connect to the café’s public Wi-Fi network, and sign into your bank's app.

You've unknowingly just made a common security mistake and opened yourself up to a potential man-in-the-middle (MITM) attack. In this attack, the seemingly innocent café Wi-Fi was actually a compromised network set up by a hacker to mimic the café’s official Wi-Fi. Users that connect to the hacker’s network may expose their device – and data – to the hacker, which could leadto phishing attacks, as well as the installation of viruses on Android devices.

This is just one of many attacks that can occur on mobile phones— and it's far more common for hackers to target Android users. Here, we’ll explore whether viruses on Android devices are a real threat, how these attacks can occur, and how to minimize risks for Android users.

The current threat landscape

With device use so ingrained in our daily lives, attacks on smartphones, laptops, and tablets are a serious threat to our personal data, leaving us exposed to serious crimes like financial fraud and identity theft. According to Kaspersky Security Network, in the first quarter of 2025 a total of 12 million attacks on mobile devices involving malware, adware, or unwanted apps were blocked. Trojans, the most common mobile threat, accounted for 39.56% of total detected threats. More than 180,000 malicious and potentially unwanted installation packages were detected.

Two malicious app types on Android - Banking Trojans (27.31%) and spy Trojans (24.49%) ranked as the most common threats.

Trojan apps appear to be regular utility or gaming apps that harvest user data or perform other malicious activities. There are also malicious apps that can steal multifactor authentication codes (MFA), which presents further security concerns. Some Android hackers also use SMS phishing – or smishing – to target users and force them to install a malicious app.

How secure is Android?

All smartphones have security vulnerabilities that leave them vulnerable to cyberattacks, but it’s common to believe that phones running Android operating systems are much more likely to fall prey to attackers. This is only partly true, as security of modern Android versions is on par with iOS. But, of course, there are many older Android smartphone still in use without up-to-date security patches. In addition, there were fewer malicious apps detected in Apple’s App Store than on Google Play.

Android users can also install apps from third-party stores, as well as install APK files directly, which potentially increases the risk of encountering malware.

Android also has a larger market share compared to Apple. This means it's far easier and more lucrative for hackers to create viruses on Android to obtain users' sensitive information.

Common Android malware types

Now that we’ve established an answer to the question “Can Androids be hacked?”, it’s important to understand the various Android malware types. There are several categories, including:

Trojans

Like the horse in the famous Greek myth, Trojan viruses on Android masquerade as something innocent – the malicious code only activates upon user interaction and steals user data.

Spyware

Spyware is a type of malware that steals data from a device and sends it to the attacker without the device’s user knowledge, giving access to messages, browsing history, location, and photos, for example.

Preinstalled malware

Counterfeit smartphones imitating well-known brands and offered online may come pre-installed with malware, like the Triada Trojan. This type of malware infects the firmware even before the smartphones are sold. Pre-installed in system partitions, the malware is practically impossible to remove.

Malware loaders

Their primary role is to infiltrate a smartphone and download or execute secondary malware. This could include stealing sensitive data (e.g., banking credentials, personal information), encrypting files for ransom, or enabling remote control of the device.

Proxy Trojans

A proxy trojan is a type of malware that turns an infected device into a proxy server, allowing cybercriminals to route their malicious traffic through it to hide their identity or perform attacks like DDoS or phishing. It often operates stealthily, consuming device resources and compromising user privacy without noticeable symptoms.

Backdoors

An Android malware type that gives hackers access to a device surreptitiously, allowing them to create further damage.

Adware

Adware pushes ads to the device’s screen, making it harder for the user to use their device, forcing it to use more traffic and consume more battery.

Stalkerware

Stalkerware is usually installed on devices within the victim’s knowledge and gives the attacker the device owner’s location.

Keyloggers

Keyloggers are used to track keystrokes, allowing attackers to read messages, for example.

Ransomware

Ransomware is malware that encrypts a user's files or locks the device, demanding payment (usually in cryptocurrency) to restore access.

Malware powered by AI is a potential threat that cybersecurity experts are concerned could become the next frontier in viruses on Android. One of the recent examples is the OCR SparkCat trojan stealer – it analyses text in photos stored on smartphones searching for crypto seed phrases and other confidential information.

How to detect viruses on Android?

Since there are numerous Android threats, users must learn to identify if their device has been infected. While there are no foolproof detection methods, there are certain things to do that may indicate an infection. It’s worth looking out for these warning signs:

• A sudden surge in data usage or use of phone or text quotas
• Unexpected pop-ups
• Unusually rapid battery draining
• Messages, emails, or phone calls you don’t recall sending, notifications on logging on from devices that are unfamiliar to you
• Apps you don’t remember downloading
• Apps that start crashing frequently
• Unusually slow phone performance

But, of course, the main thing to do is download and install a trusted protection app and run regular scans.

How to stay safe using Android

There are many security measures users can take to lower their risk of exposure. Here are some tried-and-tested tips.

Don’t log into sensitive accounts in public

Any time you’re on a public Wi-Fi network, limit mobile phone usage to activities that won’t reveal sensitive information, and don’t use mobile banking apps. If you must use a public Wi-Fi network for any reason, make sure to do so with a VPN installed on your device.

Thoroughly research any apps before downloading them

Be sure to read user reviews and only download apps from a legitimate marketplace. This reduces the risk of downloading an infected app because of marketplaces’ moderation and security policies, but does not eliminate the risk completely. Check which permissions the app requires, too – it should only use the bare minimum required for proper operations. For instance, a calculator app should not ask for access to your photo library, or your contacts.

Install antivirus for Android to ensure mobile security

It’s strongly recommended that devices are protected with proven antivirus solutions like Kaspersky’s Antivirus for Android. There are numerous apps available but be sure they’re from legitimate companies and app stores.

Keep all software up to date

Whether it’s the operating system or apps, it’s important to keep all software up to date and running the latest security patches to avoid threats on Android.

Keep your device backed up

As a best practice, it’s important to regularly back up your Android device. This ensures that you’ll still have access to most of your data in case your device is stolen or subject to viruses on Android. You can enable automatic backup to your Google Account by going to your Settings app, selecting “Google” then “Backup” and choosing the different data sets you want to be stored, such as “Photos and videos” or “Device data”. You can also manually back up your device data by following the same steps and then choosing “Back up now.”

Keep your device physically secure

Never leave your device where it might be surreptitiously taken, even for a few minutes, and remember to always enable screen locks and biometric authentication. In addition, it’s useful to have remote access to your Android device through the Find My Device app. With this feature activated, you can track your device if it’s stolen and wipe it to avoid a data breach. Simply use another Android device to access the Find My Device app, sign into your account, select the device, go to settings, and select “Factory reset [device name].”

Removing malware from Android

Here are a few steps to take if your device falls victim to Android malware:

• Disconnect the phone from any wifi networks and turn the device off immediately.
• Try to run a scan with an Android antivirus program to remove the malware.
• Navigate to the device’s settings and scroll to the “apps” section – look for the infected app.
• Try to Uninstall the infected app using options like “force close” or “uninstall.”
• If you can’t delete the app, check the “security” section to view the device’s administrators – make sure your profile has full admin rights.
• You may also choose to initiate a full factory reset, which should automatically remove the malware. However, if your device was infected with preinstalled malware like Triada, this would not help.
• Change your Google Password as soon as possible – do this in the “security” section in “settings.”
• Change all passwords that may have been compromised in the security breach, such as emails, bank accounts, and social media pages.
• Activate multifactor or biometric authentication wherever possible.
• Enable Google Play Protect in the drop-down menu of the Play Store app.
• Ensure the OS and all apps are up to date.

Related Articles:
Smartphone Security
Public Wi-Fi Security
Android vs. iOS: Which is Safer?

Related Products:
Kaspersky Premium
Kaspersky Secure VPN
Kaspersky Antivirus for Android