Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Trend Micro: Top Android Markets Are Hosting Thousands of Malicious Apps

According to TrendMicro, Google Play and two other top third-party app stores are hosting a combined 1,730 malicious apps as of the first week of this month. As December winds to a close, it’s estimated that tens of thousands would have downloaded them.

According to TrendMicro, Google Play and two other top third-party app stores are hosting a combined 1,730 malicious apps as of the first week of this month. As December winds to a close, it’s estimated that tens of thousands would have downloaded them.

In scale, thousands of potential victims out of a pool of tens of millions is small change. But given that Google has taken such pains to attempt to eliminate malware from their marketplace, the fact they are hosting 500 malicious titles is concerning. Then again, the argument that those 500 are included in millions and the odds of downloading them are low is also valid.

Image Credit: Trend Micro“Though app providers have implemented certain regulations to mitigate the ruckus of malicious or high-risk apps, we are still noticing that these apps are being peddled on popular third party app providers. Some were even downloaded more than 100,000 times. During December 5th- December 10th, we found that a total of 1,730 can still be downloaded from Google Play and two other third party app providers we’ve observed,” Trend Micro’s Symphony Luo wrote in a recent blog post.

Of the malicious titles available, most are fake applications, which tend to display annoying pop-up adverts and harvest personal information. Other types of malware discovered included the apps that download additional malicious software, known as GAPPUSIN. They too are responsible for information theft.

“The selling point of the Android platform is the freedom it gives to users to download apps from different app providers. Users have the option to install apps from whichever sites they prefer. This freedom, however, has been leveraged repeatedly by malicious developers and cybercriminals who want to take a bite of the Android craze,” Luo added.

“With the way things are going, it may take a while before we see a decrease in malicious Android apps. As the platform is poised to overshadow its competitors, we can even expect an increase in this threat… What does this mean for Android users? In a nutshell, they remain targets of shady developers and criminals who are bent on taking advantage of the platform. Thus, one can never be too careful in downloading apps, even from Google Play.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.