Malicious mobile apps doubled in last 12 months


By Amy Sarcevic
Thursday, 04 June, 2020


Malicious mobile apps doubled in last 12 months

Cybercrime targeting mobile users is on the rise during COVID-19 with the number of malicious mobile applications doubling to more than 29,000 in the first quarter of this year, according to data from Upstream.

The company’s anti-fraud platform — which covers 31 mobile operators across 20 countries — also detected a 55% spike in fraudulent mobile transactions and an increase in malware-infected mobile devices.

Concerningly, nine of the top 10 malicious apps identified this year were available on Google Play, meaning they had passed security checks. In 2019, 30% of them had made their way onto the platform.

Most of these apps (six out of 10) were leisure-orientated — with categories such as “video players & editors”, “news & magazines”, “games” and “social” among the most popular targets.

Geoffrey Cleaves, Head of Secure-D at Upstream, said the data clearly indicates the desire of threat actors to exploit the behavioural trends of mobile users, during COVID-19 lockdown.

“With the majority of the world having shifted indoors, there were some darker forces acting to make a profit from the lockdown situation. At Secure-D, we’ve seen a sharp increase in bad actors publishing ‘leisure’ apps on the Google Play Store which trick users into subscribing for premium services,” he said.

Exactly how much the COVID-19 pandemic will continue to shape 2020’s figures remains to be seen; however, the impact is likely to be significant, Cleaves added.

“Being in lockdown means prepaid customers will find it difficult to get out the front door to top up their data bundles,” he said.

“In the meantime, malware could be eating into those data bundles. I suspect we may see a drop in mobile internet traffic, and successful billing attempts, in predominantly prepaid developing markets while lockdowns are in force.”

The most troublesome app so far this year has been Snaptube, a video downloader app downloaded more than 40 million times worldwide.

In 2019, Upstream’s Secure-D platform logged 70 million fraudulent transactions through the app — blocking 32 million of them. The app is still available through many third-party app stores.

Image credit: ©stock.adobe.com/au/tadamichi

Related News

Researchers develop quantum-safe blockchain protocol

Researchers have developed MatRiCT, a blockchain protocol that is secure against quantum...

NAB bolsters cybersecurity with bug bounty

NAB, in partnership with Bugcrowd, has launched a cyber bug bounty program, with a reward for...

ZeroLogon vulnerability being actively exploited

Microsoft has warned that attackers are attempting to actively exploit the ZeroLogon escalation...


  • All content Copyright © 2020 Westwick-Farrow Pty Ltd