Malicious Mobile Applications (6 Ways to Avoid Grayware & MalApps)
It's no mystery that mobile devices can pose considerable security risks to their users. From SMS phishing to mobile botnets, these devices can become vectors for cybercriminals looking to harvest information. Malicious applications add to these growing mobile threats. These applications provide a means of gathering sensitive information, including location, phone number, and other personally identifiable information. Not only do these applications put the user at risk, but they can also pose a threat to the wider network that these devices are connected to. Fortunately, there are ways to avoid malicious apps and keep your mobile devices safe.
Here Are Six Ways to Keep Your Mobile Devices Safe from Malicious Mobile Applications:
Growing Mobile Threats
The proliferation of malicious mobile applications and malware is ultimately driven by revenue generation. Criminals conduct premium rate SMS attacks, in which they hijack a user's device to send paid messages and collect the revenue. Adware is another source of income, with attackers gaining ad impressions and app downloads through forceful redirects and downloads. Cryptocurrency mining has also played a role, as fake apps with mining capabilities continue to flood the marketplace. According to Kaspersky Security Network, over 9 million attacks on mobile devices were prevented in Q3 of 2021. The largest share of all detected mobile threats came from RiskTool apps, at 65.84%.
Researchers identified 27,000 new types and blocked an average of 23,795 malicious apps per day. And, on the macro scale, the U.S. topped the list of countries for most mobile malware blocked, representing 57% of all blocks.
Generally, applications are downloaded from a handful of reputable stores, such as Google Play, the App Store, Samsung Galaxy Apps, etc. Although the high volume of applications in these stores has historically proven a security challenge, most apps featured in these stores have been vetted or pruned. It is lesser-known, third-party application stores that more often feature apps laden with malware. Symantec reported that 99.9% of detected mobile malware came from these third-party stores. Certain categories of applications were also more likely to contain malware. Arranged by likelihood:
- Lifestyle apps (27.3%)
- Music and Audio (19.7%)
- Books and Reference (9.9%)
- Entertainment (6.2%)
- Tools (5.5%)
So what makes an application malicious? Unfortunately, the answer is not always so clear-cut, particularly due to the rise in "grayware" applications. Grayware has become something of an umbrella term for applications that are troublesome for users, but "aren't completely malicious." These applications can include hack tools, accessware, spyware, adware, dialers, and joke programs, often barraging recipients with pop-up ads or site redirects. Moreover, grayware can leave a device vulnerable to more severe types of malware, including viruses and Trojan horses. Symantec reported a 20% increase in grayware application variants in 2017, for a total of 3,655 types. Of these:
- 63% were found to have leaked the device's phone number
- 37% leaked device location
- 35% leaked installed application information
Some of these apps intentionally evade user attention by disappearing after installation. Once downloaded, these apps essentially become "invisible", erasing their tracks while continuing to harvest sensitive user information. Other types wait for a designated amount of time to pass before initializing, so as to avoid raising suspicion.
Image courtesy of The Wrangler.
Common Mobile Vulnerabilities
Grayware comes in many shapes and forms, and the cybercriminals implementing it have gotten extremely creative. Here are some malicious scams to watch out for on your mobile devices:
Spoofing - When a person or program impersonates another in order to corrupt a system and gain advantage. These attacks are very common and there are typically small details - such as misspelling - that will indicate that the message/application is false.
Trojans - Trojans take their name from the ancient Greek myth of a soldier-filled horse that ultimately ends up destroying the city of Troy. The cyber version doesn't stray far from the origin story: Trojans invade your computer while pretending to be legitimate programs.
Spam - A large volume of unsolicited messages that are sent to your email and mobile messaging apps for dubious or non-ethical reasons.
Adware - These are more commonly known as popup ads. If you click on them, they can slow your computer down or infect it with malware. Remember, never click on anything you are unsure of.
Ransomware - This type of malware is one of the most reported. Ransomware typically involves cybercriminals extorting people and businesses by threatening to delete or leak corporate data if conditions are not met. More often than not, even if a ransom is paid, the cybercriminals will release or corrupt your data.
Keyloggers - This is when a cybercriminal puts malicious software on your device and monitors your keystrokes when you are on certain websites. For example, if you enter a credit card number when making an online purchase, they will be able to find out your card number because you typed it on your keys.
Pharming - Redirecting you from a real website to another, malicious one without your knowledge. You may notice a delay as you're being bounced from one spoofed URL to another.
Vishing - Making fake phone calls from reputable companies to extort your personal information, such as your credit card or social security numbers.
Phishing - Sending emails from reputable companies to try and gain personal information from you. Phishing emails can take many forms, imitating internal departments, colleagues, partner organizations, and familiar brands.
Fortunately, malicious mobile applications are a threat that can be avoided with care. Here are a few things to remember before your next download:
- Regularly update your mobile device(s)
- Only download applications from reputable app stores
- Check the logos: many malicious apps will mimic well-known brands, so as to appear legitimate
- Read the permissions requested by apps
- Install a mobile security application such as Microsoft Enterprise Mobile Suite + Security to protect and isolate corporate data
- Routinely back up sensitive/important information
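One way to carry out the "read the permissions" step on Android, shown as an added example that is not part of the original article: the script reads a decoded AndroidManifest.xml and groups requested permissions under the leak categories cited above (phone number, location, installed application information) plus premium-rate SMS. The permission-to-category mapping, the launcher-icon heuristic and the sample manifest are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumption of this example: which Android permissions map to the article's
# leak categories (phone number, location, installed apps) and to SMS fraud.
RISKY = {
    "android.permission.READ_PHONE_STATE": "phone number",
    "android.permission.READ_PHONE_NUMBERS": "phone number",
    "android.permission.ACCESS_FINE_LOCATION": "device location",
    "android.permission.ACCESS_COARSE_LOCATION": "device location",
    "android.permission.QUERY_ALL_PACKAGES": "installed application information",
    "android.permission.SEND_SMS": "premium-rate SMS",
}

def audit_manifest(xml_text):
    """Group risky permissions by category and report whether a launcher icon is declared."""
    root = ET.fromstring(xml_text)
    risky = {}
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name", "")
        if name in RISKY:
            risky.setdefault(RISKY[name], []).append(name)
    # Heuristic only: no LAUNCHER category means no ordinary app-drawer entry.
    has_launcher = any(
        cat.get(ANDROID_NS + "name") == "android.intent.category.LAUNCHER"
        for cat in root.iter("category")
    )
    return {"risky": {k: sorted(v) for k, v in risky.items()},
            "has_launcher_icon": has_launcher}

# Constructed sample: a "flashlight" app that requests far more than it needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application android:label="Flashlight">
    <service android:name=".SyncService"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST)
    for category, perms in report["risky"].items():
        print(f"{category}: {', '.join(perms)}")
    print("launcher icon declared:", report["has_launcher_icon"])
```

When the manifest comes from an untrusted APK, parse it with a hardened XML library such as defusedxml, since the standard-library parser does not guard against entity-expansion attacks.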
Consider leveraging a resource such as Microsoft EMS for advanced mobile protection, keeping you, and your network, safe.