Posted on July 1, 2019 at 10:22 AM
Android users have always been targeted by hackers due to flawed security and numerous vulnerabilities that were easily exploitable through malicious apps. Google Play Store itself constantly receives reports of malicious apps that get removed, sometimes dozens of them at once.
However, this all pales in comparison with the newest warning that has placed Android users on high alert. According to recent information, thousands of apps were found to be infected with malware, and they are still available on the Google Play Store.
A new threat
Android is one of the most popular and most used pieces of software around the world. It is estimated that over two billion devices are currently in use. With so many targets around the world, it is hardly surprising that hackers continue to target Android OS, and in extent — its users.
At the same time, there are some extremely popular apps that can be found on the Google Play Store — the main source of apps for Android devices. According to recent reports, six apps from the Play Store were downloaded over 90 million times. However, these apps are very dangerous, as they are also infected with malware known as PreAMo.
Recently, it was reported that Google Play Store was hosting around 50 malware-infected apps, that were downloaded on 30 million devices, in total. While their discovery and removal was believed to be the end of the threat, a new warning was issued once again, as it now appears that thousands of copycat apps emerged on the Play Store.
The new threat was reported by the University of Sydney in collaboration with CSIRO’s Data61, who recently conducted a study together. The study resulted in a discovery of a massive threat, with thousands of malware-infected apps sitting on the Play Store, in plain sight, waiting to be downloaded.
Thousands of apps confirmed as infected
According to Forbes, this particular study reviewed over 1.2 million apps by using a neural network. It was studying the icons’ design, as well as the wording in the apps’ description. The goal of whether there are potential counterfeits for the 10,000 most popular apps on the Play Store.
As mentioned, the results were quite staggering, with around 49,608 counterfeits being found in total. Worse still, it is believed that around 2,040 of them are malware-infected. In addition, over 1,560 applications asked for multiple dangerous permissions that users might have given without even looking at what the apps asked for.
The report also mentions that there are around 1,407 counterfeits that had five or more additional 3rd-party advertisement libraries. Luckily, there is a positive side to these findings as well, and it lies in the fact that 2,040 of the most dangerous of these apps are already marked as malicious by some of the most widely used malware.
How to protect yourself?
After writing about the threat for Forbes, the Digital Barriers CEO, Zak Doffman, also publishes advice regarding what Android users can do to protect themselves from threats like these. He notes that the most important thing is constant vigilance and common sense. In other words, users must remember to check the app’s source and avoid those from unknown developers. All such apps should be considered as potential threats, and as it turns out — it is very likely that they are dangerous.
Doffman points out that all of the most valuable private information is stored on smartphones. With that in mind, it is extremely dangerous to allow access to just about any application. Users also tend to connect their phones to their cloud storage, where they keep even more sensitive data, and all of that can be compromised if a capable malware manages to slip by the phone’s defenses.
Doffman also stated that the phones are even greater sources of information that users might know, as they collect all of the real-world data as well. He says that the phones know where people live, where they work, where their bank is, and how they spend their money. With all of that information on a single device, downloading just about any app made by an unknown developer is more than just dangerous — it can be catastrophic, and users must keep that in mind.