Malicious apps are multiplying rapidly in Google’s Play store: the number of malicious apps grew 388% from 2011 to 2013, according to an audit by RiskIQ, which monitors app stores to remove ‘fake’ versions of branded apps for its clients.
RiskIQ claims that during the same period, Google’s removals of malicious apps actually fell, from 60% in 2011 to 23% in 2013. RiskIQ’s totals do not include ‘adware’, supposedly free apps which fill phones with unwanted advertising.
The apps designated as ‘malware’ in RiskIQ’s scan include those which collected and sent data such as GPS coordinates, contact lists and messages to third parties, subscribed to premium-rate phone or SMS services, took control of the phone, covertly recorded calls, or downloaded other malware.
Despite focusing on the ‘worst’ of Android malware (i.e. data-stealing Trojans, money-stealing SMS scams and spyware), RiskIQ detected a growth from 11,000 such apps in 2011 to 42,000 in 2013, according to Infoworld.
ZDNet’s report was cautious about some of RiskIQ’s claims, such as the claim that 12.3% of apps on the store are malware. ZDNet also points out that between 2011 and 2013, the search giant introduced new measures to scan new apps for malicious behaviour and to prevent modification of apps within the store.
Apps which offer personalization, such as wallpapers, were most likely to be malicious, which tallies with figures from Google’s earlier ‘purges’ of the app store. In one ‘purge’ last year, reported by We Live Security, 60,000 apps were removed, including 12,777 from the ‘personalisation’ category.
RiskIQ monitors app stores such as Google’s Play with an automated scan which seeks out suspect applications, apps which have been tampered with, and apps which impersonate famous brands. The
“The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data,” said Elias Manousos, CEO of RiskIQ. “Malicious apps are an effective way to infect users since they often exploit the trust victims have in well-known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers.”
Cybercriminals constantly adapt the tactics they use to fool consumers into downloading malicious apps. We Live Security offers a detailed guide to the tell-tale signs that your app may not be what you expect here.
Author Rob Waugh, We Live Security