Malware Hides in Clones of Legitimate Paid Mobile Apps

Hackers are once again exploiting one of the oldest ways to infect victims with malware. Security researchers have discovered that there is still a significant number of mobile apps loaded with malware. The malicious apps are designed to hook into one particular type of user - those who wish to freeload and pirate legitimate apps.

Fake free versions of paid apps spread mobile malware

A researcher team with French mobile security company Pradeo discovered that there is a disturbingly high number of active websites that spread malware through fake copies of paid or subscription-based mobile apps, offered seemingly for free to potential mobile pirates.

Of course, the majority of those apps target Android systems, as Apple's iOS is much more fenced-off as a system, and installing apps from ransom websites is next to impossible. However, the open nature of Android as a platform makes it particularly susceptible to similar intrusions. Of course, the blame here is first and foremost with the users who are trying to freeload paid software.

The Pradeo team observed a particular trend among the malicious apps distributed on the websites in question. A large number of the malicious content was designed to mimic legitimate applications, but ones that require payment or some type of subscription to make use of all their features. This lures in users who are hoping to use the app's premium functionality without paying. However, all that happens once they download the "free" fake app is that malware lands on their phone and spies on them or exfiltrates data.

When you are looking to reel in freeloader users like the hackers do, all you have to do is optimize your website for the keywords people looking for free payware would use. Sadly, it seems search engines do rank and display those websites, even though the content on them is malicious.

Netflix among most commonly spoofed apps

To give some perspective on the issue, Pradeo quoted finding not just a few but literal hundreds of knockoffs of the Netflix app, claiming to have a free subscription inside, while only carrying malware.

As with all software, whether you use your desktop computer or your mobile phone, the best solution is always using legitimate app storefronts when you need a new app. Those marketplaces and platforms have the highest levels of curation and even though there have been cases where an app with malware cleverly hidden inside it has stayed up on the Google Play Store for weeks, the chance of running into one there is infinitely smaller than if you use a random website offering Android apps that are very likely malware-laced.