App collusion is real, spotted in the wild by Intel Security

Up until today, app collusion for malicious purposes has been in the domain of myths and urban legends, but according to a new report by Intel Security, no more.

The security firm released its latest security report, entitled McAfee Labs Threats Report: June 2016 (PDF), in which it says that it had found some apps capable of app collusion.

For those unaware of the term: app collusion is a practice in which two (or more) apps are commanded by a cyber-attacker, and work together to extract valuable information from a smartphone. It requires for one app (example – a banking app) to hold valuable information, but have limited permission; and another app, to have no such information, but have more permissions AND the ability to communicate with the first app.

In a perfect scenario, the app with permissions will command the other app to give it data, and then it can send it out.

The survey found 5,056 versions of 21 apps capable of app collusion. Those are mostly older versions of useful service apps, such as mobile video streaming, health monitoring, and travel planning, it was said. Specific names of apps were not included.

“Improved detection drives greater efforts at deception,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs group. “It should not come as a surprise that adversaries have responded to mobile security efforts with new threats that attempt to hide in plain sight. Our goal is to make it increasingly harder for malicious apps to gain a foothold on our personal devices, developing smarter tools and techniques to detect colluding mobile apps.”

Image Credit: Kirill Wright / Shutterstock