Malicious apps on the rise: number of blacklisted apps across mobile app stores increases

Apps outside of app stores and Google Play Store apps present the greatest risk for malicious content, according to a new report from digital threat management firm RiskIQ. The Mobile Threat Landscape Report examined 120 mobile app stores and over two billion daily scanned resources and noted an overall increase in blacklisted apps in Q3 compared to Q2. In addition, imitation and Trojan apps are increasingly making an entrance on app stores.

According to the data, the leading developer for blacklisted apps is Nyi Subang Larang in Q3, which presents exclusively in the Play Store.

Overall, Google managed to decrease the number of malicious apps in its store to 4% compared to 8% in Q2.

Meanwhile, the AndroidAPKDescargar doubled its number of malicious apps to 20,907, which now make up a third of its total apps.

RiskIQ explains that some app stores are now being launched which feature huge amounts of such malicious apps. Researchers at the firm have speculated that this may be a scheme in order to blur the lines and make it harder to detect stores with bad apps.

Imitation is one way through which malicious apps can be spread. Indeed, antivirus, dating, messaging and social networking apps are among the favourite targets. For example, searching for “WhatsApp” resulted in 497 entries.

In addition, the report also states that Q3 saw a large new mobile botnet attack called WireX. Around 300 apps which are linked to WireX have already been identified, some of which were found in the Google Play Store. Google has been removing these apps from Android devices and blocking the apps.

Apps like these tend to imitate ringtone and player apps which launch attacks on devices once installed.

“Securing the mobile app ecosystem continues to be a challenge for app stores of all sizes, but efforts to improve version control, monitor for abuse, employ verification techniques, and offer security education can help,” said Mike Wyatt, director of Product Operations at RiskIQ. “Tracking the use of brand names and likeness is an equally daunting challenge for corporations. Brands should evaluate and implement solutions that constantly monitor their digital footprint online and in mobile app stores.”