Android Apps Vulnerable to Malware and Cyber Attacks


Android apps are particularly vulnerable to malware and cyber attacks, while iOS apps are relatively safer.

Consumers spend more time on mobile devices than they do watching television, using mobile apps for working, banking, socializing and everything in between. However, as mobile app usage continues to rise, so does the threat of cyber attacks. 
A new report from FireEye identifies mobile apps as a serious threat due to both targeted malware on mobile platforms, and non-malicious apps with serious vulnerabilities. As individuals and companies increase their reliance on mobile apps, the necessity of addressing these vulnerabilities becomes increasingly important.

Mobile app usage on the rise

A report published by Flurry states that mobile app usage dominates the time consumers spend using their mobile devices. In March 2013, the average US consumer used his or her mobile device for 2 hours and 19 minutes per day, with 80 percent of that time spent using apps. By April 2014, the amount of time spent by users on their devices had increased to 2 hours and 42 minutes, with 86 percent of that time dedicated to app usage.
Although social media giants like Facebook (NASDAQ:FB) and Google (NASDAQ:GOOGL) are striving to control the app marketplace, much diversity in app usage remains. Together, Facebook and Google probably command less than 25 percent of the time consumers spend on mobile devices. Meanwhile, ComScore estimates that the 10 top franchises account for less than 40 percent of mobile usage. This growth in app usage, coupled with the broad range of apps that consumers use, illustrates that apps are only increasing in importance. Security specialists need to be prepared to deal with the potential vulnerabilities that this rise entails.

Android vulnerable to malware surges

Mobile malware attacks have the potential to be incredibly damaging, as mobile devices contain personal data, business and location information as well as private photographs. Android devices are particularly vulnerable to these attacks, with 96 percent of malware targeting these mobile devices. Unfortunately, the number of malware attacks only appears to be growing. According to FireEye, the 240,000 unique malware samples counted in 2013 had risen to 390,000 unique samples in the first three quarters of 2014.
In particular, mobile app users need to be aware of financial fraud. There was a nearly 500-percent increase in the number of Android apps designed to steal financial data in the latter half of 2013. Of note is KorBanker, which targeted several popular banking apps to steal money. Masquerading as an app in the Google Play store, the KorBanker Trojan tricked users into granting it device administrator permissions; it then input their banking credentials and stored them on servers in Hong Kong. This situation serves as a cautionary tale for app users who take Google Play apps at face value, when in fact they could be hiding dangerous malware.

Check Point responds to vulnerabilities

Pure-play security vendor Check Point Software Technologies (NASDAQ:CHKP) is responding to Android devices’ vulnerabilities. Last Thursday, it announced that its mobile security research team has discovered a vulnerability in Android devices that allows apps to gain “illegitimate privileged access rights which are typically used by remote support applications that are either pre-installed or personally installed on the device.” Attackers can exploit this vulnerability to access all of the information stored on a mobile device.
Dorit Dor, vice president of products at Check Point, stated, “[e]very day, people around the globe use mobile devices to manage important aspects of their lives: they access work email, manage bank accounts, and track health information. The problem is, they rarely stop to think about whether their data is secure. This vulnerability is very easily exploited, and can lead to the loss and dissemination of a user’s personal data. It’s time to take mobile security seriously.”
The company has launched Check Point Mobile Threat Prevention, a mobile security solution that fights malware and cyber attacks by delivering real-time visibility and threat intelligence to an organization’s existing security infrastructure.

iOS threats relatively minimal

Due to the rigorous review process of Apple’s app store, iOS malware is relatively unusual. However, the FireEye report uncovered a roundabout delivery channel for malware that bypasses the company’s standard review process.
Named EnPublic apps, these published apps exploit Apple’s iOS Developer Enterprise Program (originally designed for building in-house apps) to circumvent normal security and privacy controls. Over 1,400 apps signed with enterprise certificates are freely available on the internet, and more than 80 percent of these use prohibited APIs. These apps often mimic authentic Apple apps and trick users into downloading an EnPublic app through text message or e-mail. Although that represents a small volume of malware in the overall app landscape, this particular avenue of cyber fraud appears poised to increase, presenting a serious threat for the future.
 

Securities Disclosure: I, Morag McGreevey, hold no direct investment interest in any company mentioned in this article.
