SAN FRANCISCO–Malicious mobile apps are back on the rise, impersonating brands and fooling consumers, according to digital threat management company RiskIQ.
The company’s Q3 mobile threat landscape report analyzed 120 mobile app stores and more than two-billion daily scanned resources to identify and analyze the app stores hosting the most malicious mobile apps and the most prolific developers of malicious apps.
The report documents an increase in blacklisted apps over Q2, as well as the continued issues of imitation and trojan apps in official app stores and the emergence of the massive WireX mobile botnet.
According to RiskIQ:
- Feral apps and Google Play are main sources of blacklisted apps. “Q3’s analysis confirmed that feral apps—apps available for download outside of a store on the web—and the Google Play store were the most abundant sources of malicious apps each quarter. Plus, the top developer of blacklisted apps in Q3, Nyi Subang Larang, worked exclusively in the Play store. However, Google’s percentage of malicious apps was overall decreased and fell to a low of 4% in Q3 after reaching a high of 8% in Q2.”
- Other leading blacklisted app sources. “In third place, secondary store AndroidAPKDescargar had comparable numbers to Google and feral apps. In Q3, it more than doubled its number of malicious apps to 20,907, making up about one-third of its total app count and outpacing all other stores by more than 10,000.
- Rounding out the top four: ApkFiles rocketed to a huge number (25,545) in Q1 and then dropped off in Q2 before recovering slightly in Q3. Meanwhile, 97% of 9game.com’s 6,052 apps (most of which purport to be games) were flagged as malicious.
“Based on this data, RiskIQ concluded that some stores are being created and pumped up with huge numbers of malicious apps in short order,” the company said. “The firm’s researchers speculate that this could be in concert with a particular campaign or to make detection of known bad stores more difficult.”
RiskIQ noted that antivirus, dating, messaging, and social networking apps are favorite targets for spreading malicious software.
“Securing the mobile app ecosystem continues to be a challenge for app stores of all sizes, but efforts to improve version control, monitor for abuse, employ verification techniques, and offer security education can help,” said Mike Wyatt, director of Product Operations at RiskIQ, in a statement. “Tracking the use of brand names and likeness is an equally daunting challenge for corporations. Brands should evaluate and implement solutions that constantly monitor their digital footprint online and in mobile app stores.”
For more info: RiskIQ Mobile Threat Landscape Q3 2017 Report.