Holy Book Apps Dish out Malicious Code

By   ISBuzz Team
Writer , Information Security Buzz | Dec 31, 2015 05:00 pm PST

Proofpoint researchers recently analyzed a wide variety of apps available on iOS and Android app stores and quantified the extent of the risk they pose to their users, as well as their personal and company data. One of the key findings from the study is that clearly, one cannot ‘judge a book by its cover’: from card games to flashlights to holy books, some apps steal data, some track users’ location and message contacts while others make unauthorized calls.

Key findings from the study are detailed below:

  • Proofpoint researchers recently analyzed 38,000 gambling, flashlight and holy book mobile applications and found that appearances can’t always be trusted. An alarming number are stealing data, tracking users’ locations, accessing contacts and even making unauthorized calls.
  • Bible applications had the highest rate of malicious code than any other category in this research with 3.7 percent or 26 out of 5,600 applications. Proofpoint defines malicious code as code that attempts to exploit the mobile OS in order to access data and services for which they do not have permission.
  • Of the 23,000 free gambling applications examined, nearly 14 percent exhibited risky behavior including conducting an alarming amount of external server communication. In total, more than 1,800 servers across 41 countries are receiving user data.
  • Proofpoint analysis found that one of the most popular Bible apps sends data to sixteen servers in three different countries. It reads the user’s SMS messages, address book, and device and phone information, tries to exploit cross-app interaction if the device is rooted, and can even make phone calls on your behalf.
  • Similar analysis was conducted on Quran applications and researchers found one of the ten most-downloaded apps is clearly riskware. It installs itself as a boot-time app and communicates to thirty-one different servers, reads SMS messages, sends messages from the user and can look up the user’s GPS location.
  • Something as seemingly utilitarian as a flashlight application can even host malicious code and communicate user data to app owners. Of the 5,600 applications examined, more than 678 servers across 28 countries are actively receiving data on from these apps.
  • The existence – and surprising prevalence – of riskware in seemingly legitimate apps is a valuable reminder that organizations need a mobile app security strategy. Organizations should define policies and deploy solutions that enable them to identify and control these apps before they can impact security posture.

f031e019 c261 4ab3 9d86 f4a74f44c78bMedia statement:

“When it comes to malicious apps, apparently nothing is sacred. The surprising prevalence of riskware in religious texts’ apps provides further evidence that mobile users — and their employers — need to be far more security-conscious. The findings are also a valuable reminder of the importance of a mobile app security strategy for organizations. To protect employees and users from unscrupulous scammers and cybercriminals– and against riskware and malicious apps in general – organizations should define policies and deploy solutions that enable them to identify and control these apps before they can impact the organization’s security posture.” – Kevin Epstein, VP of Threat Operations at Proofpoint.

[su_box title=”About Proofpoint” style=”noise” box_color=”#336588″]proofpoint_logoProofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information.[/su_box]