1,730 malicious apps still available on popular android app providers
DESCRIPTION
Malicious AppsTRANSCRIPT
1/18/13 1,730 Malicious Apps Still Available on Popular Android App Providers
blog.trendmicro.com/trendlabs-security-intelligence/1730-malicious-apps-still-available-on-popular-android-app-providers/ 1/4
Bad Sites Botnets Data Exploits Hacked Sites Mac Malware Mobile Olympics Social Media Spam Targeted Attacks Vulnerabilities
Search our blog:
Go
Hiding in Plain Sight: The FAKEM
Remote Access Trojan
Pulsing the HeartBeat APT
What Kind of Targeted Attacks Will We
See in 2013?
The Trends in Targeted Attacks of
2012
Unsophisticated Wiper Malware
Makes Headlines
Bookmark the Threat Intelligence Resources site
to stay updated on valuable information you can
use in your APT defense strategy
The Issues Surrounding Android
Debugging
Mobile Browser Security: Problem
Exists Between Device and Chair
Holiday Season Unwraps Phishing,
Blackhole Exploit Attacks
Mobile Ad Networks: How Do They
Operate?
[Infographic] Unwrapping Mobile
Security During the Holidays
For information on all mobile threats and other
security risks, see Mobile Threat InformationHub on the Trend Micro Threat Encyclopedia.
Popular Posts
Java Fix for Zero-Day Stirs Questions
Java Zero-Day Exploit and Ruby on
Rails Vulnerabilities
Malware Poses as an Update for
Java 0-Day Fix
Java Zero-Day Exploit In The Wild,
Spreading Ransomware
What Would Scammers Want With
My Information?
Recent Posts
Trendlabs Security Intelligence > 1,730 Malicious Apps Still Available on Popular Android App Providers
Dec20 1,730 Malicious Apps Still Available on Popular Android App Providers
3:37 pm (UTC-7) | by Symphony Luo (Mobile Threat Analyst)
Friday, January 18, 2013 TweetTweet 82 0
The presence of malicious apps on Google Play and other popular Android app providers remains a persistent
problem. As of the first week of December, approximately 1,700+ malicious apps are still available on the Google
Play and two third-party Android app distributors.
Though app providers have implemented certain regulations to mitigate the ruckus of malicious or high-risk apps,
we are still noticing that these apps are being peddled on popular third party app providers. Some were even
downloaded more than 100,000 times.
During December 5th- December 10th, we found that a total of 1,730 can still be downloaded from Google Play and
two other third party app providers we’ve observed. The chart below shows a comparison of the number of unique
malware available on these sites.
We noted that there are specific malware families available per site. The pie charts below show the distribution for
each app provider. For app Google Play, FAKEAPP variants have the most number. FAKEAPP are rogue or fake
versions of well-known apps. Once users are tricked into installing them, these apps steal sensitive information
from the device and send these to remote servers.
For the top third-party app providers, the likeliest malicious apps that users can encounter are GAPPUSIN variants.
GAPUSSIN variants are known to download other malicious apps and steal information from users.
1/18/13 1,730 Malicious Apps Still Available on Popular Android App Providers
blog.trendmicro.com/trendlabs-security-intelligence/1730-malicious-apps-still-available-on-popular-android-app-providers/ 2/4
Hiding in Plain Sight: The FAKEM
Remote Access Trojan
Malware Poses as an Update for
Java 0-Day Fix
What Would Scammers Want With
My Information?
Java Fix for Zero-Day Stirs Questions
Microsoft, Oracle Release Security
Fixes for Zero-Day Exploits
Calendar
January 2013
S M T W T F S
« Dec
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
Affected users are likely to receive annoying pop-up ads, have their personal information stolen, or be charged for
certain services without their consent. For additional information, the table below provides short descriptions on the
routines of each malware family that are commonly found on the app providers we’ve observed.
1/18/13 1,730 Malicious Apps Still Available on Popular Android App Providers
blog.trendmicro.com/trendlabs-security-intelligence/1730-malicious-apps-still-available-on-popular-android-app-providers/ 3/4
The selling point of the Android platform is the freedom it gives to users to download apps from different app
providers. Users have the option to install apps from whichever sites they prefer. This freedom, however, has been
leveraged repeatedly by malicious developers and cybercriminals who want to take a bite of the Android craze. Just
this August, we’ve found 164 unique high-risk apps on Google Play and certain third-party app stores. Aside from
aggressively pushing ads, these apps are known to collect mobile data without the user’s knowledge and send
these to remote users.
Early this year, we’ve also noted 17 malicious apps available on Android’s official app provider, which were
downloaded more than 700,000 times. These include apps that track users’ location, calls, and messages.
With the way things are going, it may take a while before we see a decrease in malicious Android apps. As the
platform is poised to overshadow its competitors, we can even expect an increase in this threat. As predicted in our
2013 Security Threat Predictions, we are foreseeing a threefold increase in the number of malicious and high-risk
apps to users.
What does this mean for Android users? In a nutshell, they remain targets of shady developers and criminals who
are bent on taking advantage of the platform. Thus, one can never be too careful in downloading apps, even from
Google Play. Added precaution, such as researching about the app developer’s reputation may be added work for
users but it ensures a safer mobile experience.
We are continuously monitoring for app providers for both newly uploaded and popular apps and check for the
behavior of these apps. Trend Micro Mobile Security Personal Edition is capable of detecting the threats we
mentioned above.
To know more about Android-related threats and how to secure mobile devices, you can visit our Mobile Threat
Information Hub.
Share this artic le
T h i s e n t ry wa s p o ste d o n T h u rsd a y, De ce m b e r 2 0 th , 2 0 1 2 a t 3 :3 7 p m a n d i s f i l e d u n d e r M o b i l e . Yo u ca n l e a ve
a re sp o n se , o r t ra ckb a ck f ro m yo u r o wn si te .
1/18/13 1,730 Malicious Apps Still Available on Popular Android App Providers
blog.trendmicro.com/trendlabs-security-intelligence/1730-malicious-apps-still-available-on-popular-android-app-providers/ 4/4
0 comments
What's this? ALSO ON TRENDLABS
Watch Out for WORM_VOBFUS
Tim Martin — We saw tens of infections of this
new variant and were running a fully updated
OfficeScan server. I…
JACKSBOT Has Some Dirty Tricks up ItsSleeves
PhaseCoder — lmao this is stealth bots source
why use v1? v3 is way better
Malware Steals Image Files from Systems
Sycho — If that were the case, then why this
comment in the article.. ".DMP files are memory
dump files that…
3 Reasons Why Africa Will be the NewHaven for Cybercriminals
Manny — Very interesting! I have also been
tracking the number of systems visible on the
Internet in some We…
Leave a message...
DiscussionDiscussion CommunityCommunity ##ShareShare
No one has commented yet.
×
10 comments • 2 months ago
12 comments • 3 months ago
10 comments • 3 months ago
1 comment • a month ago
Com m ent feedr Subs cribe via em ai lm
0★
Top 5 Consumer Threats for 20123 Reasons Why Africa Will be the New Haven for Cybercriminals
© Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice
TrendLabs
TrendLabs
Join the conversation
Other Trend Micro blogs
CTO Insights
CounterMeasures Blog
Cloud Security Blog
Consumerization Blog
Fearless Web
Internet Safety for Kids &
Families
Simply Security News
Trend Micro Blog [German]
TrendLabs Security Blog
[Japan]
Cloud Security APAC
Do you have a product-relatedquestion? Visit our eSupport website.
TrendLabs Malware Poses as anUpdate for Java 0-Day Fix:bit.ly/UTtH0Oabout 1 hour ago · reply · retweet · fav orite
TrendLabs "Fullz" contain victimprofiles, containing lots of personalinformation: bit.ly/WgLSP03 hours ago · reply · retweet · fav orite