Malicious Mobile Applications (6 Ways to Avoid Grayware & MalApps)
It's no mystery that mobile devices can pose considerable security risks to their users. From SMS phishing to mobile botnets, these devices can become vectors for cyber criminals looking to harvest information. Added to these growing mobile threats, are malicious applications. These applications provide a means of gathering sensitive information including location, phone number, and other personally identifiable information. Not only do these applications put the user at risk, they can prove a threat to the wider network that these devices are connected to. Fortunately, there are ways to avoid malicious apps, and keep your mobile devices safe.
A Growing Threat
The proliferation of malicious mobile applications and malware is ultimately driven by revenue generation. Criminals conduct premium rate SMS attacks wherein they hijack a user's device to send paid messages and collect the revenue. Adware is another source of income, with attackers gaining ad impressions and app downloads, through forceful redirects and downloads. Cryptocurrency mining has also played a role in this, as fake apps with mining capabilities continue to flood the marketplace.
According to Symantec's "Internet Security Threat Report," 2017 saw a 54% increase in mobile ransomware variants. Researchers identified 27,000 new types and blocked an average of 23,795 malicious apps per day. And, on the macro scale, the U.S. topped the list of countries for most mobile malware blocked, representing 57% of all blocks.
Generally, applications are downloaded from a handful of reputable stores, such as Google Play, the App Store, Samsung Galaxy Apps, etc. Although the high volume of applications in these stores has historically proven a security challenge, most apps featured in these stores have been vetted or pruned. It is lesser known, third-party application stores that more often feature apps laden with malware. Symantec reported that 99.9% of detected mobile malware came from these third-party stores.
Certain categories of applications were also more likely to contain malware. Arranged by likelihood:
- Lifestyle apps (27.3%)
- Music and Audio (19.7%)
- Books and Reference (9.9%)
- Entertainment (6.2%)
- Tools (5.5%)
Tip: Looking to keep your mobile device safe? Here are five ways to avoid SMS phishing attacks.
So what makes an application malicious? Unfortunately, the answer is not always so clear cut, particularly due to the rise in "grayware" applications. Grayware has become something of an umbrella term for applications that are troublesome for users, but "aren't completely malicious." These applications can include hack tools, accessware, spyware, adware, dialers, and joke programs, often barraging recipients with pop-up ads or site redirects. Moreover, grayware can leave a device vulnerable to more severe types of malware, including viruses and Trojan horses.
Symantec reported a 20% increase in grayware application variants in 2017, for a total of 3,655 types. Of these:
- 63% were found to have leaked the device's phone number
- 37% leaked device location
- 35% leaked installed application information
Some of these apps intentionally thwart user attention by disappearing after installation. Once downloaded these apps essentially become "invisible", erasing their tracks while continuing to harvest sensitive user information. Other types will wait for a designated amount of time to pass before initializing, so as to avoid raising suspicion.
Image courtesy of The Wrangler.
Fortunately, malicious mobile applications are a threat that can be carefully avoided. Here are a few things to remember, before your next download:
- Regularly update your mobile device(s)
- Only download applications from reputable app stores
- Check the logos—many malicious apps will mimic well-known brands, so as to appear legitimate
- Read the permissions requested by apps
- Install a mobile security application such as Microsoft Enterprise Mobile Suite + Security to protect and isolate corporate data
- Routinely back up sensitive/important information
Consider leveraging a resource such as Microsoft EMS for advanced mobile protection, keeping you, and your network, safe.