SYS-CON MEDIA Authors: Lori MacVittie, Gilad Parann-Nissany, Unitiv Blog, Bob Gourley, Kevin Benedict

News Feed Item

RiskIQ Reports Malicious Mobile Apps in Google Play Have Spiked Nearly 400 Percent

RiskIQ, the company that protects corporate brands and their customers on the Internet, today announced research findings on the presence of malicious apps contained in the Google Play store. The company found that malicious apps have grown 388 percent from 2011 to 2013, while the number of malicious apps removed annually by Google has dropped from 60% in 2011 to 23% in 2013. Apps for personalizing Android phones led all categories as most likely to be malicious.

CLICK TO TWEET: .@RiskIQ finds malicious #mobileapps in #GooglePlay have Spiked Nearly 400 Percent http://bit.ly/1hsrWId

The results were gathered by the RiskIQ™ for Mobile service, which continuously monitors mobile application stores to detect suspect applications, application tampering and brand impersonation. For this survey, RiskIQ only counted Android apps in the Google Play store as malicious if they are/contain spyware and (SMS) Trojans that:

  • Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
  • Send SMS messages to premium-rate numbers
  • Subscribe infected phones to premium services
  • Record phone conversations and send them to attackers
  • Take control over the infected phone
  • Download other malware onto infected phones

“The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data,” said Elias Manousos CEO of RiskIQ. “Malicious apps are an effective way to infect users since they often exploit the trust victims have in well known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers.”

Summary of Findings

Using a distributed global proxy network RiskIQ continuously scans and interacts with mobile apps in leading app stores via synthetic clients that emulate real users. This patent-pending technology exposes malware that would otherwise not “show itself” to traditional web crawler software. The highlights of the RiskIQ for Mobile research on the Google Play store include:

Percentage of Malicious Mobile Apps

 
2011 2012 2013
2.7% 9.2% 12.7%
 

Percentage of Malicious Mobile Apps Removed

 
2011 2012 2013
60% 40% 23%

 

Top Five App Categories with Most Malware

2011       2012       2013
1. Entertainment       1. Personalization       1. Personalization
2. Education/Books       2. Entertainment       2. Entertainment
3. Media/Audio/Video       3. Education/Books       3. Education/Books
4. Personalization       4. Media/Audio.Video       4. Media/Audio.Video
5. Sports       5. Sports       5. Sports

RiskIQ will demonstrate its RiskIQ for Mobile service next week at RSA Conference South Expo Booth #2341.

About RiskIQ

RiskIQ protects corporate brands and their customers on the internet. The company combines a worldwide proxy network with synthetic clients that emulate real users to monitor, detect and take down malicious and copycat apps, drive by malware and malvertisements. RiskIQ is being used by leading financial institutions and brands in the US to protect their web assets and visitors/users from security threats and fraud. RiskIQ is headquartered in San Francisco and is backed by growth equity firm Summit Partners. To learn more about RiskIQ, visit www.riskiq.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.