Why you should stay in Google Play, App Store

Malware infection rates for mobile devices are very low. So low that you have better odds of being killed in a cataclysmic storm in the U.S. Nevertheless, hackers are trying hard to better their chances of success.

Hackers keep trying

Hacked versions of the top 100 paid Android apps on Google Play are available on third-party websites, security software maker Arxan Technologies found. Of the top 100 paid Apple iOS apps, 56 had been hacked and were available outside the App Store.

None of the compromised apps were sold through the official stores of Google and Apple, demonstrating that the risk of having your smartphone infected with malware runs much higher in third-party outlets. Hacked mobile apps typically contain malicious code capable of accessing personal data or sending text messages to paid services set up by the hackers.

Arxan also looked at popular free and financial apps and found many counterfeit versions on unofficial sites. For free apps, the numbers were 73 percent for Android and 53 percent for iOS. With financial apps, the numbers were 80 percent for Android and 40 percent for iOS.

Arxan said it found pirated versions of apps in online stores, such as Cydia, app distribution sites, hacker sites and file download and torrent sites. The vendor also said it found that some hacked versions had been downloaded a half million times.

However, it's doubtful the majority of those downloads caused many problems. A recent three-month study by researchers at the Georgia Institute of Technology found roughly 3,500 mobile devices with malware out of a pool of 380 million. That's an infection rate of 0.0009 percent.

The takeaway

So, while the risk is low, it's worth noting that hackers are still working hard to find ways to get malware on mobile devices. This work ethic hasn't gone unnoticed by IT professionals.

Mobile device risk was their top concern this year, according to an annual study (https://www.lumension.com/2014 5 Years of Endpoint Risk: 2014 State of the Endpoint Study) by security vendor Lumension and the Ponemon Institute. Interestingly, almost seven in 10 of the respondents said their mobile devices had been targeted by malware in the last 12 months.

Without details on the malware, it's tough to say how much of a problem malicious apps were to the IT pros. But it's reasonable to assume they see a potential problem and a reason to continue monitoring mobile malware trends in 2014.

FREE Computerworld Insider Guide: Five IT certifications that won’t break you
Join the discussion
Be the first to comment on this article. Our Commenting Policies