The dark world of mobile devices: The growing malware problem

Digital channels have become the predominant method of customer engagement for many organisations, bringing with them new challenges for the security and brand management teams. Nowhere is this more the case than in the area of mobile applications. Our insatiable appetite for mobile apps is driving exponential growth in both the number of apps available and the number of app stores hosting them.

Businesses worldwide are capitalising on this trend by using mobile as a preferred channel to reach out to new customers and to provide seamless and secure services to existing customers. However, an exceptionally large mobile ecosystem with millions of applications and hundreds of stores makes it difficult for an organisation to get a view of the security threats and brand issues involved with operating in this space.

Smartphone growth and utilisation globally has resulted in an explosion of the mobile eco-system. While Google Play, iTunes and Windows Phone capture a significant part of the market, there are hundreds of other app stores out there competing to drive traffic and increase their share. The result is a complex network with multiple delivery mechanisms for proliferation of non-branded or malicious applications.

Fraudulent actors increasingly leverage mobile as a channel, especially the Android platform, which is both the most popular platform worldwide and doesn’t require users to jailbreak or root their device in order to install apps from un-trusted sources.

These issues show absolutely no sign of slowing down. In the last few months it’s emerged that over one million Android users have been infected by malware from an app on Google’s Play store, Windows devices account for 80 per cent of mobile malware, an Android porn app was blackmailing users and holding them to ransom and lastly that Apple’s Chinese app store contained malicious applications.

So what is the current situation regarding the app ecosystem and what is the impact to UK organisations?

Application proliferation is wide and rampant

Official applications and applications leveraging the brand are widely copied and distributed in un-official stores. From research we’ve conducted at RiskIQ we’ve found that 90 per cent of brand attributed apps across all sectors exist in unofficial app stores. This application proliferation has a direct impact on consumers as there is a risk of using an unsupported application or worst case, a manipulated version of the authorised application. Brand infringement is also harder to track as apps spread more widely.

Blacklisted (malicious) applications are causing significant risk to end users

Applications that are using a company’s brand but flagged by one or more virus detection products or with links to known malicious sites are classified as a blacklisted application. These applications usually have excessive permissions or redirects to malware with the intent to compromise sensitive information including payment information pertaining to the end user. Our recent research has uncovered that the proportion of blacklisted applications across all sectors is more than 17 per cent. This constitutes a significant risk to customer loyalty and brand reputation.

Feral applications are increasing

Feral applications are unauthorised or malicious apps hosted on websites instead of app stores. These apps are mostly malicious in nature as they are hosted outside the mobile ecosystem for one simple reason – to avoid detection. In our research, feral applications constituted approximately 3 per cent in proportion of the total number of apps. For organisations, feral apps make the task of taking down the applications more difficult.

The two industries that struggle the most with these issues are gambling and media & entertainment. Our research uncovered that the gambling industry has a high number of blacklisted applications which indicates a significant revenue loss for companies operating in this space. Additionally, the percentage of feral applications is highest for gaming apps which implies that there is a consistent attempt to compromise end users using feral applications.

All of these findings indicate that bad actors are using fake apps to distribute malware and capture data from devices in order to commit crimes. Over the next 12 months, we fully expect to see an increase in this type of activity which can be incredibly adverse for businesses. Regardless of whether the company owns these apps or not, when customers experience their data being stolen and used maliciously, the blame falls at the doorstep of the company. In order to protect the company image, as well as valuable and personal data, businesses need to be more aware of the issues surrounding mobile malware and the risks this can pose to not only the organisation’s own network but to their customers as well.

Ben Harknett, VP EMEA, RiskIQ

Image Credit: LoveFreedom / Shutterstock