I’ve Got 99 Problems and Quite a Few of Them Are STILL Android

On September 10, 2015, our guest blogger Fortinet reported on malware issues affecting Android devices, specifically ‘Stagefright’. Today the focus has shifted toward third-party app stores, which have neither the same level of frontline security nor the same level of monitoring and reporting as certified stores like Google Play or Apple’s ‘The App Store’. Some users may be enticed to download from a third-party store because it has no region locks on certain apps, or because app developers have partnered with it to make their apps available there.

What Android users seem to keep forgetting is that installing from these stores requires the user to allow installation from “unknown sources”. Aptoide, Mobogenie, mobile9, and 9apps are noted third-party stores that have a history of malware within their apps. [i]

Trend Micro reports that there are currently 1,163 malicious Android application packages (the format used by the Android operating system for distribution and installation of mobile apps) detected as ANDROIDOS_LIBSKIN.A. This malware obtains root access to users’ phones, in other words, the highest level of access that can be achieved. These mobile apps were downloaded across 169 countries between January 29 and February 1 of this year. The following chart shows the distribution among countries.


[Chart: distribution among countries. Image retrieved from Trend Micro.]

Once it has taken root within the phone, this malware has the ability to start downloading other apps without the owner’s knowledge. These new downloads will appear to users as ads that may lure the owner into downloading additional infected apps, or they may simply collect data and forward the information to the attacker. Though it’s encouraged to always download from a recommended source like Google Play, if you are going to download from a third party we recommend that you DO YOUR RESEARCH. Always check the reputation of a site or store before you download anything. We are all guilty of having absolute trust in our mobile devices, but they can be just as susceptible to breaches as our computers, if not more so.

Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.


[i] http://blog.trendmicro.com/trendlabs-security-intelligence/user-beware-rooting-malware-found-in-3rd-party-app-stores/