Lookout, a mobile security company, has issued a report that illustrates the rise of applications infected by malware (programs built with a malicious intent) on mobile platforms. I was particularly interested by how “pirates” can sneak malicious code in apps that were originally legitimate.
The graph above shows that a malicious that instead of creating a bogus application from scratch, pirates have adapted to using popular and legitimate applications has “hosts” for their malicious code. They start by adding code to an already existing app, then submit this application to a 3rd party app store where the original app may not already reside (each app has a unique ID for each store). To lure unsuspecting users to download the app, the pirates use advertising, phishing or spam sites – whichever works better.Users may be using an infected app, and never realize it. This is dangerously smart and is a much more efficient way to spread malware, and that’s why it is so dangerous. Of course, you can reduce the odds of being a victim by sticking to the official store, but it’s not that hard to be fooled or too trusting.
This is definitely not the only way to get into a user’s phone, but the distribution potential is much greater than when the pirates create a seemingly legitimate app from the ground up. Once in place, the malicious code can send SMS and charge a wireless carrier for small amounts – name it, and the pirates have thought of it.
Although the odds of being attacked are relatively low, they are rising, and you can protect yourself by being more aware when dealing with 3rd party stores that you don’t trust.
Lookout’s report is of course far from being selfless: it is a way to educate consumers about the dangers lurking around, but also to tell them that there is a way to protect oneself… by using their product.
Although we can disagree on the magnitude of the problem, and the level of real danger, it is good to be aware that such threats exists.
The full document will be available at this page shortly.