img_0131

Simple Tips to Spotting Evil Apps

Mobile devices have come a long way. We mean a reeeallly long way. In but a few short years they have gone from “nice to have but not so essential” gadgets to “OMG I can’t function without it” life savers. These chocolate bar-sized devices hold more information than most 3 year old desktop computers and glued to our sides day and night, they contain all our passwords, banking information, account credentials, and so much more.

This reality isn’t lost on hackers, who will try anything to get people and their data to part ways. And app stores, part and parcel of the mobile OS, turn out to be the perfect accomplice to their crimes. Recent reports estimate that between 75-80 percent of apps in both the Official App Apple Store and the Google Play store are potentially malicious in some manner. Some of these apps have weak or non-existent privacy policies. Others simply pass on your information to advertisers. Some are just flat out malware. Some can even give your devices the ability to spy on you such as the now infamous “Brightest Flashlight” app that was found to be recording conversations and sending them to third parties in 2015.

iOS Vs Android

Before we have a look at some of the worst recent app offenders, it’s important to understand a bit about the app store landscape, as it will have important ramifications to your security. We all know very well that the Official App Store and Google Play are very different entities, as are the operating systems they are linked to, but what you might not realize is that they take very different approaches to the apps they accept into their platforms. Regardless of whether you’re Apple or Android addicted, one thing is clear: There are more malware-filled apps running rampant in Google Play than in Apple’s Official App Store.

Malware-filled apps that target the Android OS are a persistent threat, one that makes weekly, if not daily, headlines. Malware masquerading as plain old apps are the best chance hackers have to get their grimy paws on your data, short of plucking your device straight out of your pocket when your head is turned. But some variants are more destructive than others.

Hummingwhale

In the summer of 2016, researchers at security giant CheckPoint discovered a malware-filled app that was able to place rootkits on Android devices, while generating ad revenue and installing yet more malicious apps on the devices by itself. Dubbed “Hummingbad”, it fell off the radar shortly after discovery but now it’s back in a slightly revised fashion and this time it’s going by the name Hummingwhale.

It’s been found hiding inside more than 20 apps on Google Play and reports estimate that it’s been downloaded millions of times already. Like its predecessor, it can also download additional apps and has been known to download so many extra malicious apps to phones that they shut themselves down. The offending apps have since been taken down by Google Play.

Netflix SpyNote

But wait, there’s more;

Researchers from security firm Zscaler have just uncovered a Remote Access Trojan, (fondly referred to as a RAT), that poses as the official Netflix App. This malicious app is a new version of the SpyNote RAT that can record conversations, steal contact information and log the physical location of the device. Adding insult to injury, it also disables any anti-virus measures users may have on their devices to evade detection.

The Walled Garden?

This isn’t to say that the official App Store is perfectly in the clear; It’s true, the walled garden that is iOS (or at least was, until it opened up parts of their platform to certain outside developers a few months back) does a pretty good job of keeping baddies at bay. But every now and then there are reports of malware-filled apps that make their way onto the App Store, like this past March’s AceDeceiver that affected users in China. Thankfully, Apple releases security updates very often and the faster you install their updates, the better off you’ll be.

Much more common than getting hit with malware from a malicious app on the App Store are the malicious apps people pick up after  jailbreaking their iPhones (a really, really terrible idea, by the way.)

Regardless, the App Store isnt perfect when it comes to blocking malicious apps. Sure, it’s better, but that hardly matters once your identity has been stolen.

Avoiding Malicious Apps

When it comes to keeping your data out of the hands of digital baddies that make their homes on app stores, there are a few things you can do:

  • Only download apps from official app stores, like the Official App Store and Google Play. Never NEVER download from third party stores.
  • Make sure your device, regardless of OS, is up to date, which will install security patches that can protect from the latest vulnerabilities.
  • Look for apps that display links to their privacy statements and Terms of Service. Once you find them, read them and know what you’re signing up for.
  • Look at the developer’s website; does it look legit? Do some digging around on Google to see what you can find out about the developer.
  • Pay attention to reviews. Sure, they can be faked, or written by illogical, irate users, but they can be a decent indicator of whether or not an app is trustworthy.
  • As we said above, skip the iOS jailbreak; You really want more options? Sell your iPhone and just get an Android to begin with.

Your mobile is a gateway, and getting through that gateway can give baddies the clearance they need to ruin your security. Understand your risk factors (especially if you’re an Android user) and take the right precautions to ensure your data doesn’t fall into the wrong hands.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s