24,000 Malicious Mobile Apps Are Blocked Every Day. What Are the Risks of Using One?

malicious mobile apps

Did you know that information stealing mobile apps exist? Did you know that hundreds and thousands of malicious apps are blocked every day? Yes, apps that are meant to assist you and offer you great services can be dangerous too, and, unfortunately, Google Play, Apple's App Store, and other reputable app sources can promote them. According to a report published by Symantec, averagely 24,000 malicious mobile apps were blocked every day in 2017 on Google Play. This showed an increase of 54% when compared to the statistics of 2016. The report concluded that the biggest issue that led to such socking numbers was users' inability to update their operating systems.

Without a doubt, outdated and unsupported systems are more susceptible to malware, but even if you are using the latest version of your mobile OS, you could be at risk. If you download malicious apps, your mobile number could be leaked – according to Symantec, 63% of all malicious apps can do that – as well as lead to many other security issues. If you want to learn more about information stealing mobile apps and identity theft, and you want to learn how to recognize malicious apps and protect your device against them, you should continue reading.

How to spot malicious apps to avoid identity theft

If you own a phone, tablet, smartwatch, or any other kind of device that allows you to download apps, you need to learn how to evaluate them, so that you can spot malicious apps and, potentially, evade identity theft and other issues that come along with them. In some cases, recognizing malicious apps can be very easy, but malware creators are learning from their mistakes with every malicious app they release, and that, unfortunately, means that they are becoming better and better at disguising real threats. If you want to evade such apps, you need to be looking at a few specific things.

  • Download from reputable sources ONLY. As mentioned before, malicious apps can be spread using legitimate app stores, such as Google Play. Although most of these apps do not reach users because they are blocked before they are approved by the app store, some of them manage to slip through the cracks. In June 2018, the payload of Anubis malware capable of stealing login data of banking apps was concealed using apps that appeared to offer legitimate services. According to researchers, 10,000 people downloaded malware without knowing about it. While you need to be careful regardless of the source you download apps from, your chances of encountering malicious apps definitely increase if you use unreliable app stores.
  • Reject apps that demand ridiculous permissions. It makes sense if an application that is meant to give you directions (e.g., Google Maps) asks to track your location. On the other hand, if the app does not need your location for any apparent reason, there also is no reason why you should grant this permission. Permissions are introduced to you when you download apps, and you must evaluate them carefully. You have to be particularly careful about apps that request access to your messages, phone calls, payment-related data, access to other apps, etc. If you are suspicious about anything, it is best to reject the app and find a better alternative. After all, you do not want to experience identity theft for some app that, allegedly, can offer you benefits, do you?
  • Be careful about shady apps. When you install new apps, you need to look not only at permissions but also the developer and app's description. It is worth it to take your time to quickly look up the developer to see what you can find. If you do not find any information at all, that is a red flag. If the developer's website offers vague information, you've got another red flag. If you discover that you can contact the developer using a free email service (e.g., Gmail), you need to run and never look back. And what if there are no contact details at all? Game over. When it comes to the description of the app, look for poor grammar and too-good-to-be-true promises.
  • Remember that reviews and ratings can be forged. Have you found an app that does not need strange permissions and whose developer appears to be legit? What about the ratings and reviews? Obviously, if you stumble upon a fresh new app (look at the release date to find out), you shouldn't see a ton of reviews or ratings. If the ratio between downloads and ratings or reviews does not make sense, you need to be cautious. Also, reviews and ratings can be forged, and so if you think you can automatically trust an app that was downloaded thousands of times and has a bunch of 5* ratings, you need to think again.

What happens if you download information stealing mobile apps?

If you end up installing malicious apps, you could become a victim of identity theft, as your passwords, usernames, and other login credentials could be stolen as you type them in. Personal information stealing mobile apps do the dirty deed silently, and so you are not supposed to realize when a malicious app is, for example, recording the login data to a banking app. The aforementioned Anubis malware used a very clever camouflage to obtain such data. The malware would appear as Google Play Protect, and ask the user to agree with the app's ability to observe user's actions and retrieve window content. If the user was tricked into allowing this, Anubis could successfully record personal data using a keylogger function. This allowed the infection to steal sensitive data, perform identity theft, and set up illegal transactions.

In August 2018, 145 malicious apps potentially capable of identity theft were removed from Google Play too. These malicious apps were specifically targeting Windows OS phones. Of course, identity theft and data theft is not all that malicious apps are created for. They could also download malware, spy on users by recording phone calls, text messages, or even using the phone's camera, send messages to premium-rate numbers, record location, and even use the phone to spread malware to contacts via text, chat apps, or social apps. Needless to say, the stakes are high here to ensure that malware does not invade and is removed in time. Here are some red flags that might suggest the existence of malicious apps.

  • Your device's battery drains quicker than usual.
  • Your device suddenly starts lagging, freezing, crashing, or rebooting.
  • You find unfamiliar apps on your device.
  • You discover random ads pop up on the screen.
  • Your mobile data increases or, if a limit exists, is used up quicker.
  • Your phone's bill increases due to unauthorized texts sent to premium-rate numbers.
  • Your browser opens strange websites (for example, app download sites).
  • You discover security apps disabled or removed.

What now!?

If you suspect that a malicious app was downloaded onto your computer, you need to act fast because someone might be trying to perform identity theft and lead to other security-related issues. First and foremost, install a legitimate security app to have your device inspected thoroughly. If threats are detected, they must be deleted immediately. Needless to say, all unfamiliar and suspicious apps must be deleted too. Next, install all available updates because those might include important security patches. If your system is due for an OS upgrade, install it immediately. There's no time to waste! If all fails, take your device to a professional who will know what to do. Hopefully, in the future, you will remember the tips and advice in this report, and you will be able to avoid identity theft and other issues caused by malicious apps.

By Foley
November 6, 2018
Android Malware
English
November 6, 2018
Android Malware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Tips

Top Security Tips for Those Using Banking Apps

Online banking is just one of the many examples of how the Internet and IT, in general, has made the everyday lives of people easier and more comfortable. However, measures taken to improve convenience don't always... Read more

October 26, 2018
Android Malware

At Least 145 Google Play Apps Could Install Keyloggers to Steal Passwords

Sometimes a malicious program could hide in plain sight for a very long time before it gets taken care of. Having that in mind, we would like to talk about how Google had to remove 145 apps from Google Play because... Read more

September 6, 2018
How To

How to Checkup on Your Google Account's Security

Unless you live in a desert or some cabin in the woods with no internet access chances are good that your online life is heavily reliant on Google. Google Chrome is the most popular web browser on the planet, and... Read more

October 30, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.