Proofpoint researchers recently analyzed a wide variety of apps available on iOS and Android app stores and quantified the extent of the risk they pose to their users, as well as their personal and company data. One of the key findings from the study is that clearly, one cannot ‘judge a book by its cover’: from card games to flashlights to holy books, some apps steal data, some track users’ location and message contacts while others make unauthorized calls.
Key findings from the study are detailed below:
Proofpoint researchers recently analyzed 38,000 gambling, flashlight and holy book mobile applications and found that appearances can’t always be trusted. An alarming number are stealing data, tracking users’ locations, accessing contacts and even making unauthorized calls.
Bible applications had the highest rate of malicious code than any other category in this research with 3.7 percent or 26 out of 5,600 applications. Proofpoint defines malicious code as code that attempts to exploit the mobile OS in order to access data and services for which they do not have permission.
Of the 23,000 free gambling applications examined, nearly 14 percent exhibited risky behavior including conducting an alarming amount of external server communication. In total, more than 1,800 servers across 41 countries are receiving user data.
Proofpoint analysis found that one of the most popular Bible apps sends data to sixteen servers in three different countries. It reads the user’s SMS messages, address book, and device and phone information, tries to exploit cross-app interaction if the device is rooted, and can even make phone calls on your behalf.
Similar analysis was conducted on Quran applications and researchers found one of the ten most-downloaded apps is clearly riskware. It installs itself as a boot-time app and communicates to thirty-one different servers, reads SMS messages, sends messages from the user and can look up the user’s GPS location.
Something as seemingly utilitarian as a flashlight application can even host malicious code and communicate user data to app owners. Of the 5,600 applications examined, more than 678 servers across 28 countries are actively receiving data on from these apps.
The existence – and surprising prevalence – of riskware in seemingly legitimate apps is a valuable reminder that organizations need a mobile app security strategy. Organizations should define policies and deploy solutions that enable them to identify and control these apps before they can impact security posture.
Media statement:
“When it comes to malicious apps, apparently nothing is sacred. The surprising prevalence of riskware in religious texts’ apps provides further evidence that mobile users — and their employers — need to be far more security-conscious. The findings are also a valuable reminder of the importance of a mobile app security strategy for organizations. To protect employees and users from unscrupulous scammers and cybercriminals– and against riskware and malicious apps in general – organizations should define policies and deploy solutions that enable them to identify and control these apps before they can impact the organization’s security posture.” – Kevin Epstein, VP of Threat Operations at Proofpoint.
[su_box title=”About Proofpoint” style=”noise” box_color=”#336588″]Proofpoint Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information.[/su_box]
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.