There is no such thing as being 100 percent secure. But there are many ways to reduce the risk and make it harder for hackers to invade your smartphone.
How to Protect yourself against such hackers, There are standard protection measures you need to follow to remain unaffected:
1)Always download apps which are from trusted and verified developers and stick to trusted sources, like Google play Store and the Apple App Store.
Applications add functionality to a smartphone, but also increase the risk of a data breach, especially if they are downloaded from websites or messages, instead of an app store. Hidden inside applications, even ones that work, could be malicious code that lets hackers steal data.
“The app ecosystem of mobile phones is enormous. Neither Apple nor Google can possibly look through every single app on their store and determine if it’s malicious or not,” So I will suggest you think about who the app developer is and if you really need the app before installing it.
2) Always verify app permissions before installing apps. If any app is asking more than what it is meant for, just do not install it.
When you give access to an app to photos, the app gets access to write new photos/images to your phone and to read all your photos on the device in an unencrypted form. The date and time when each photo was taken are embedded within the photo. Plus, if you have enabled Location Services for the Camera app, then an app that has access to the photos can also find out where you took the photos.
How the app then treats the photos and the associated metadata (like date/time and location), if it uploads or sends them elsewhere, is left to the app. For example, once you give permission, iOS apps for popular services like Dropbox, Facebook, Flickr, and Google+ can upload all your photos to their services. these apps can also be allowed to do it in the background (when you’re not actively running the app). Most users wouldn’t even actively know which photos are being uploaded and when.
3) Avoid unknown and unsecured Wi-Fi hotspots and Keep your Wi-Fi turned OFF when not in use.
Wi-Fi in public places, such as cafes and airports could be unsecured, letting malicious actors view everything you do while connected. To know if you’re on an unsecure connection pay attention to warning message your device is giving you. On iPhones, a warning will pop up saying that the server identity cannot be verified and asking if you still want to connect. You will be prompted to click “continue” before you can connect the Wi-Fi.
Your phone actually has a lot of really good built in technology to warn you when you are going to make a poor security decision, But people are very conditioned to just click through whatever warnings it is because they want the content.
4) Be careful which apps you give administrative rights to. Admin rights are powerful and can give an app full control of your device.
Device admin allows app developers to create security-aware apps that are mainly useful for enterprise settings. These settings may stop a user from installing or uninstalling an app. And attacker can use this for their own purpose.
Glancing through developer forums it’s clear to see (and I’m one of these) that not being able to kill an app because it is using up large amounts of CPU or RAM time, isn’t that useful to us end -users. Apps and operating systems do have memory leakage and probably always will from time to time. So, how do you disable device admin rights for a particular app so that you can enable ‘Force stop’; ‘Uninstall’; ‘Clear data’; ‘Clear cache’; and ‘Clear defaults’ from within App Manager?
5) Never click on links in SMS or MMS sent to your mobile phone.
Never click on links in SMS or MMS sent to your mobile phone. Even if the email looks legit, go directly to the website of origin and verify any possible updates.
Do not download apps from third party source. Although in this case, the app is being distributed through the official Play Store, most often such malware are distributed via untrusted third-party app stores.
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Any file downloaded by any chat application accept Hangout directly pass to Mediaserver to process if that file is infected your device will be under attack.
To be fair, there is no mobile platform that is safer than other. With so many devices but only a handful of platforms to choose from, attackers are able to target any platform they desire and the repercussions can be quite devastating to power users. We, as users have to be cautious with what we do to and with our smartphones.
If you work extensively with your smartphone, you might want to look to BlackBerry phones as they have encryption features on their devices. Finally, because Android is an open source platform, it is more vulnerable to attacks as hackers can easily find vulnerabilities on each device; iOS or Windows Phone are less vulnerable because their system codes are not openly shared with the public.