The app store malware minefield: What to watch out for
Android is the most popular platform for mobile devices around today, with a 2015 report by G DATA showing Android exceeded a 60 per cent global market share that year(1). A majority of users take advantage of the Google Play Store to download a myriad of apps, from games, to activity trackers, to mobile banking apps.
However, recent reports are showing that downloading apps can be a potentially risky activity, with a large assortment of fake applications containing malware constantly being detected on the Play Store. With this in mind, it is essential for Android device users to have a good understanding of what could be hidden in their mobile apps, and know how to avoid downloading malware by mistake.
Malware in the Play Store
With such a large group of users available to target, many cybercriminals are taking advantage of the Google Play Store to upload apps containing threats. According to a 2015 report by Pulse Secure Mobile Threat Center, 97 per cent of all mobile device malware is directed at Android devices, showing how users of this platform need to be especially careful when installing applications(2).
The number of malware threats also appears to be increasing, and G DATA security specialists found that 2015 saw 21 per cent more different strains of malware compared with the previous year. In fact, in the first quarter of 2015 there were nearly 4,900 new malware files detected every single day. The report also states that around half of this Android malware is motivated by financial gain for the criminal.
There are a number of different forms of malware currently affecting the app market, including adware, Trojans and ransomware. Because these threats often hide themselves in the background of devices and strategically root into the software, they can be extremely difficult for users to detect and remove.
Consequently, it's a good idea to know what malware is currently having a big impact.
The pornography clicker invasion - Android users beware!
Security solutions specialist ESET announced in late February of this year that there has been a surge in a form of malware, a pornography clicker, entering the app store disguised as legitimate apps, and infecting user's devices.
Avast claims that the malware works by hiding in the background of the device, secretly launching pornography links on an invisible browser window and generating revenue for the app developer by clicking through pay-per-click ads(4). The pornography clicker apps have infiltrated the Play Store past the Bouncer, Google's security measure, and are able to detect whether any antivirus protection is installed in the device.
We Live Security, ESET's blog, says the clicker is hidden in the Play Store under the guise of a number of well know apps, such as Grand Theft Auto and Subway Surfers(5).
"This is a true campaign: a single family of malicious apps masquerading as popular games or apps, designed to bypass Google's security checks," said Lukas Stefanko, expert at ESET in an interview with We Live Security(6).
How to avoid downloading malware
In general, Google is taking measures to defend Android users against malware like this. Google claims in its recent Android Security report that since increasing security measures for apps in 2015, users are 40 per cent less likely to accidently install malware(7). The report shows that while protection is also being increased outside the Play Store, this is still the safest place to be downloading applications.
However, the pornography clicker campaign demonstrates that Google's measures are not always 100 per cent successful, and as such Android users need to know how to avoid installing fake apps. ESET advises that people should always check the rating and comments of apps before they download anything. If there are a lot of negative reviews, this is a good indication that the app may be fake and contains malware(3).
Additionally, Mr Stefanko says that preemptive action is always the best approach when it comes to the security of your device, as it often contains more personal information that your computer does(6).
"Don't delay taking security measures until something unusual happens in most cases it's too late as the device may already be compromised and the data lost," he said(6).
"Users should take the same security measures for their mobile devices that they have implemented on their computers I mean using a quality security solution and having a backup of all their important data. On top of that, they should be reasonably paranoid when considering which apps to use and from where to install them"(6).
If you suspect you may have downloaded malware onto your Android device, or that your personal data may have been accessed, contact Equifax. Our cyber-monitoring service Identity Watch (included in our ID Basic, Equifax Advanced and Equifax Premium products) monitors personal information, like email addresses, phone numbers, credit card and bank account details, in illegal forums where stolen information is known to be traded. If your monitored information is found you're alerted so you can take steps to protect your identity.
1. G DATA. Mobile Malware Report. Accessed 22 April 2016.
2. Pulse Secure Mobile Threat Center. 2015 Mobile Threat Report. Accessed 22 April 2016.
3. ESET. Porn Clicker Trojans Continue to Flood Google Play. Accessed 22 April 2016.
4. Avast. Porn clicker app slipped into Google Play imitating popular Dubsmash app. Accessed 22 April 2016.
5. We Live Security. Porn clicker trojans at Google Play: An analysis. Accessed 22 April 2016.
6. We Live Security. ESET expert: Google Play porn clicker 'is a truly large-scale campaign'. Accessed 22 April 2016.
7. Google. Android Security 2015 Annual Report. Accessed 22 April 2016.