Mobile Applications are now becoming part of most of the IoT (Internet of Things) devices, and cybersecurity threat actors are tricking the users by taking advantage of it.
With the expansion of the technological ecosystem, the use of mobile applications is also expanding. Now, mobile apps are not just part of your smartphones. There is the use of these apps in various other devices like smartwatches, laptops, television, etc. You can download any application from the Google Play Store or Apple App Store just by a single click as there are millions of free apps available there. However, never think that all these free applicatons are safe and secure for use. There are several free apps that are malicious and can pose serious cybersecurity threats to the user.
The most common cybersecurity threat 2020 relating to malicious apps is creating imposter apps by the adversaries and using them to spread malware. The main aim here is to spread malware to get hands-on users’ personal information or stalk users’ activities. There are incidents of cyberattacks using malicious apps which recently came into light:
- Researchers recently spotted the Joker Trojan infection in 17 android apps that were available free at the Google Play Store at the end of September. For bypassing the Google play vetting process, all of these malicious apps were pretending to be utility service apps.
- A similar type of malicious software infection was seen in 6 apps available in Google Play Store at the start of September month. However, Google took immediate action and removed all these malicious applications. The total downloads of these apps were around 200,000.
- The adversaries’ primary objective in both the above cases was to pilfer the contact lists, SMS messages, and other essential information from the device to deceit the users into signing up for premium service subscriptions.
- In the recent malicious app events, there is also the name of Cerberus Trojan, which poses as some other app to initiate malicious activities on the user’s device without giving the user any hint about it.
- There are instances of seven adware apps too, which are available on both Google Play Store and Apple App Store. ZDNet shed some light on the malicious activities launched by these apps. The most interesting thing is that the promotion of these apps was on well-known platforms like TikTok and Instagram.
Increased Use Of Third-Party App Stores
The incidents of malicious applications are not just a part of the Apple App Store and Google Play Store. The frequency of cybersecurity threats relating to malicious apps doubles in the case of third-party app stores.
- There was a recent incident in which a threat actor group, known as APT-C-23, made use of a fraudulent android app store, Digital Apps, and spread a malware named Android/SpyC23.A. This malicious software distribution was done by camouflaging apps like Telegram, weMessage, and Threema.
- There are various third-party app stores that are still being used by the adversaries to distribute the Cerberus Trojan.
Point Worth Noting
With the increase in the number of malicious activities, there is a massive hike in the distribution and expansion of malware. The malware is now targeted towards stealing credential information and other users’ sensitive data using malicious applications. Researchers recently disentomb an Alien malware that can harvest credential details from 226 Android apps, and most of these apps were banking applications.
With the evolution process going on in the digital era, nothing is safe. For safeguarding our devices and personal information, there is a need to become more self-aware and vigilant. We recommend you always make use of official app stores to download applications as there are high chances of downloading a malware infected application using a third-party app store. As we read in this article that even the official app stores are not completely safe. In such a case, it will be wise to read the reviews of the application before downloading it. If there are doubts about an app’s security, it’s better not to download such an application.