Among the Latest Threats: Malicious Mobile Applications
As IoT security becomes a growing concern, many in cybersecurity are warning that mobile security also needs attention. Jai Vijayan, who has been covering technology for over twenty years, reports that a survey of 600 security professionals carried out by the Ponemon Institute “found that 84% of them are very concerned about malware threats to their mobile applications, compared to 66% who said the same about their IoT application environment”.
These security issues affect not only corporations but also ordinary smartphone users with their own private devices. Nowadays there is a plethora of mobile apps and games, like Pokémon Go, which was a huge hit last summer, showcasing the capabilities of augmented reality. Many are overeager to try out these new experiences in technology.
Indeed, it goes without saying that opportunistic cybercriminals look to exploit vulnerabilities no matter where they are found. As professionals write, the threatscape is by no means limited to traditional desktop computers. Smartphones are minicomputers that contain an abundance of personal data — including banking information as m-commerce becomes ever more commonplace.
It is thus no surprise that the following examples of some of the latest mobile exploits concern Android users: as of November 2016, Android commands about 87.5% of the global market share for smartphones. As a result, exploits found in Android are going to be more profitable than ones in, for example, iOS. One must not forget that “cybercrime today is very much about money”.
Around the beginning of the New Year, a fake app for Super Mario Run appeared on Android, mimicking a real iOS app that had already been released by Nintendo. This version of the app turned out to contain the “Marcher Trojan”, which demands the user’s credit card information in the Play Store, while denying access to the actual store.
In another case, some Turkish Instagram users with Android phones encountered multiple apps, which were presented in Turkish and found in the Google Play Store, promising to increase their number of Instagram followers. In reality, the apps were a phishing scheme attempting to steal login credentials, likely so that the accounts could be sold.
Sometimes malware-infused apps result in one’s phone getting infected with ransomware. Recently, Russian-speaking Android users were targeted by ransomware demanding that the victim pay 545,000 rubles (approximately $9,100). Upon downloading the infected app, the user is asked to give it administrative rights, which requires a reboot, after which the victim is locked out until he or she pays the ransom via credit card. Because of the obscenely high price, many probably “will instead choose to buy a new phone rather than paying the crooks”.
Apps containing malware come in different forms and their methods vary, but they all prey on the trust of users. As such, especially for apps that people are eagerly waiting for, like the release of a popular game, the proverb “if it looks too good to be true, it probably is” applies. Therefore, because of the wide range of mobile exploits, users need to be vigilant. It is best practice not to trust a mobile app that appears before the expected date of release, if there have not been any reliable announcements regarding early releases.
Finally, people simply browsing for new games or other apps may come across one they have not heard of, be intrigued by it, and end up downloading one infused with malware. Ultimately one ought to follow security investigator Brian Krebs’ first security rule: “if you didn’t go looking for it, don’t install it.”
At the very least, one should research and confirm the safety of an unknown app before installing it.