Malware-infected Android apps spike in the Google Play store
Wallpaper Dragon Ball and Finger Hockey were among the most downloaded malicious apps
IDG News Service - The number of mobile apps infected with malware in Google's Play store nearly quadrupled between 2011 and 2013, a security group has reported.
In 2011, there were approximately 11,000 apps in Google's mobile marketplace that contained malicious software capable of stealing people's data and committing fraud, according to the results of a study published Wednesday by RiskIQ, an online security services company. By 2013, more than 42,000 apps in Google's store contained spyware and information-stealing Trojan programs, researchers said.
Apps designed to personalize people's Android-based phones were most susceptible, as well as entertainment and gaming apps. Some of the most malicious apps in the Google Play store downloaded since 2011 were Wallpaper Dragon Ball, a wallpaper app, and the games Finger Hockey and Subway Surfers Free Tips.
Both Wallpaper Dragon Ball and Finger Hockey, RiskIQ said, have malware that steals confidential information such as device IDs from infected devices. Subway Surfers Free Tips, meanwhile, uses a Trojan called Air Push to bypass a device's security settings and subscribe infected phones to premium services, the company said.
RiskIQ performed its analysis using its own software that crawls app stores, websites and web ads. The technology, the company said, exposes malware that would otherwise not show itself to traditional web crawler software.
Android apps were only counted as being malicious if they behaved in specific ways as a result of malware. The behavior may include: collecting and sending GPS coordinates, contact lists and e-mail addresses to third parties; recording phone conversations and sending them to attackers; taking control of the infected phone; or downloading other malware onto the phone.
Apps in Apple's store were not analyzed.
The findings show that the rising prominence of mobile apps among consumers also makes them a juicy target for hackers. Reports of possible malware in clones of the popular Flappy Bird mobile game recently surfaced, even after it was removed from app stores.
"The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data," said RiskIQ CEO Elias Manousos, in announcing the findings.
Malicious apps are an effective way to infect users, he said, since they often exploit the trust people have in brands and companies they do business with.
But while the number of malicious Android apps is rising, the percentage of them removed by Google is on the decline, researchers said. In 2011 Google removed 60 percent of malicious apps, but in 2013 the company removed less than a quarter of them, the report said.
That's probably due to the rapid increase in malicious software. The overall number of malicious apps removed by Google still increased from roughly 7,000 in 2011 to nearly 10,000 in 2013.
Google said it would need more information about RiskIQ's analysis to comment on the findings.
Google's Android OS
- Why Samsung needs to move beyond Android -- and Google
- Samsung Gear Live vs. LG G Watch: A real-world evaluation
- Android Wear deep-dive review: A smart start to smartwatch software
- OnePlus One deep-dive review: Unbeatable value for Android geeks
- Review: 5 video editing apps for Android
- Malware-infected Android apps spike in the Google Play store
- Nokia plans forked Android smartphone for Barcelona unveiling
- LG G Flex deep-dive review: The curious case of the curved phone
- Xperia Z1S deep-dive review: A stylish phone with power and panache
- Low-end smartphone battle forces Nokia to Android
- Use the Mobile App Mix to Choose an Enterprise App Store Strategy In this research report Gartner outlines how organizations can optimally secure, distribute, and manage mobile applications for employees and contracted workers.
- The Case for Mobile Apps Today's mobile apps turn handheld devices into e-book readers, portable navigation systems, digital wallets and more. And for organizations with mobile workers, they...
- The 5 Big Lies About Going Mobile You've heard about the power of mobile to change your business. But have you realized your mobile potential? It's about much more than...
- Transforming enterprise applications for mobile environments This new white paper explains how Dell Application Modernization and Development Solution Set can help you understand when to develop new mobile apps,...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Mobile Apps White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!