SAN FRANCISCO–Malicious mobile apps were on the decline in Q4 of 2017, largely due to a decrease in the inventory of AndroidAPKDescargar, the most prolific dealer of blacklisted apps, according to RiskIQ’s Q4 mobile threat landscape report.
That report analyzed 120 mobile app stores and more than two-billion daily scanned resources. Listing and analyzing the app stores hosting the most malicious mobile apps and the most prolific developers of potentially malicious apps, the report documents the return of familiar threats such as brand imitation, phishing, and malware—as well as the discovery of a bankbot network preying on cryptocurrency customers, the company said.
According to RiskIQ, the Google Play store again led the way with the most blacklisted apps, but Q4’s analysis confirmed that “feral apps”—apps available for download outside of a store on the web—fell in popularity for the first time in several quarters, falling from the number two spot and giving way to three other stores:
- ‘AndroidAPKDescargar’ had 7,419 blacklisted apps, comprising 41% of the apps RiskIQ observed in their store
- ‘9game.com’ had 4,083 blacklisted apps, accounting for 86% of the total apps RiskIQ observed
- ‘9apps’ had 3,644 blacklisted, 15% of the total apps
Riding the Cryptocurrency Wave
In November, RiskIQ researchers reported they found a mobile app that was trying to pass itself off as a cryptocurrency market price app. “This app was found to be part of the bankbot family of mobile Trojans and would monitor the device that installed it for a list of target apps,” RiskIQ said. “If the app were launched while the Trojan was installed, the Trojan would put an overlay over the legitimate app and collect sensitive information, such as login credentials from the banking customer.”
“Securing the mobile app ecosystem continues to be a challenge for app stores of all sizes, but efforts to improve version control, monitor for abuse, employ verification techniques, and offer security education can help,” said Mike Wyatt, director of Product Operations at RiskIQ. “Tracking the use of brand names and likeness is an equally daunting challenge for corporations. Brands should evaluate and implement solutions that constantly monitor their digital footprint online and in mobile app stores.”
For the full report, go here.