The growing number of clones of popular apps found in various app stores have become the new means to deploy malware to mobile devices of unsuspecting users, according to a study.
It is a no-brainer that users should be careful while installing apps on their mobile devices by verifying the legitimacy of the vendor and checking the permissions granted for the application to function. However, with the rapid expansion of smartphones, some of which already have pre-loaded malware, and their usage by relatively less tech savvy users, hackers have taken advantage by spreading malware through identical apps.
In the quarterly threat assessment report from McAfee Labs, the firm has revealed that weakness in app security has become a major cause of concern for many users in recent times. The firm showcased the example of "Flappy Bird", which received immense popularity across all app stores within days before the developer discontinued it. Nearly 300 clones of Flappy Bird were sampled by McAfee Labs, out of which 80 percent were found to be malware-ridden.
The report stated, "Some of the behavior we found includes making calls without the user"s permission; sending, recording, and receiving SMS messages; extracting contact data; and tracking geolocation. In the worst cases, the malware gained root access, which allows uninhibited control of anything on the mobile device including confidential business information." The permissions granted to these clone applications are often unrelated to the actual features, but users tend to allow access without giving a second thought -- which can be even more dangerous for users with rooted devices.
Another major issue that has been growing in the mobile world is the lack of proper security mechanisms in certain apps. Legitimate apps with security flaws such as weak encryption in WhatsApp could also pose a huge security threat to the millions of its daily users who willingly share a wide variety of details across the platform. While this is just one example, there might be many more popular apps with a casual approach to security on mobile devices, and McAfee believes that "developers need to protect their apps and services from unauthorized and malicious use."
Source: Yahoo News | Image via Google