December 12, 2017

Mobile App Stores Flooded With Malware

Malicious content is often associated with websites, emails and softwares. But what about mobile app stores? With smartphones dominating the cellphone industry, it shouldn’t be no surprise then that malware can also be found in mobile apps. In the latest quarterly report published by RiskIQ, which analyzed 120 mobile app stores all around the world, it’s been found that mobile stores are, in fact, still a source of malicious content.

Here’s what you should know about malicious mobile apps.

What Is A Malicious Mobile App?

A malicious mobile app is a clone of a legitimate software from an official developper that contains malware. In fact, researchers from RiskIQ found clones of Avast’s anti-virus software and Waze’s GPS navigation system in bad app stores. RiskIQ also found that among all app categories, dating, messaging and social networking apps were the main targets of malware. In Google’s Play Store, for instance, three messaging apps were found with a SonicSpy malware.

The Real Danger Of Malicious Mobile Apps

Aside from the fact that malicious apps can be used for collecting personal data, they can also help create a massive botnet. This August, multiple content delivery networks (CDNs) and content providers were affected by a mobile-based botnet called WireX. WireX was available on Google’s Play Store and ended up affecting an estimated 70,000 Android users worldwide. It’s been found that around 130,000-160,000 unique IP addresses were collected from over 100 countries. Consequently, Google removed 300 mobile apps that were affected by the botnet.

How To Avoid Malicious Apps

Here are 3 tips that can help you avoid malicious mobile apps:

1-  Don’t rely solely on numbers
Just because an app appears to many positive reviews doesn’t necessarily mean it’s a legitimate app, as reviews can easily be forged. Similarly, a high amount of downloads doesn’t necessarily mean that the mobile app is good, either. It could simply just indicate that it managed to trick a high amount of victims into downloading the app.

2 – Know who the developper is
Before downloading any mobile app, make sure to take a good look at the developper’s name. If it’s an unfamiliar brand or has an odd spelling, you might want to consider researching its name and see its reputation.

3 – Pay attention to the details
Make sure to carefully read the mobile app’s description. Look out for red flags such as bad grammar, a lack of information about the app or overall poor branding. It is also recommended to avoid developers that use free email services -such as @hotmail- for their contact, as developers behind malicious apps often use these services to collect multiple malicious apps in a short span of time.

Related Posts