• Home
  • Business
  • Finance
  • Gadgets
  • Mobiles
  • World News
  • Tech

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Ran into the and you will had a great $300 mortgage

January 27, 2023

Queer Boystown – Handlung ihr LGBTQ+ Community

January 27, 2023

You should never purchase new Greek dating subscription too quickly

January 27, 2023
Facebook Twitter Instagram
  • Home
  • Business

    Why Consumer Privacy Concerns Can Be Good for Business

    September 11, 2022

    TikTok Guide For Business

    September 11, 2022

    Grandview businesses can apply for new round of pandemic assistance | Lower Valley

    September 11, 2022

    Business briefs | Cal Poly one of ‘Best in the West’; senior center receives grant – Times-Standard

    September 11, 2022

    On the banks of Connecticut River, new business begins refurbishing U.S. Coast Guard boats

    September 11, 2022
  • Finance

    Stimulus Payments, Back-to-School Budget, Self-Employed deductions, Gas Prices…

    September 11, 2022

    Finance Ministry: Need strategic approach to market Malaysia’s R&D results

    September 11, 2022

    Finance Ministry mulls changes in insurance laws; considers easing entry level capital requirement 

    September 11, 2022

    Retired Marlborough CFO moves from finance to crime novelist

    September 11, 2022

    Ethical Finance Global 2022 Summit Produces Prospectus as Career Bridge Into Ethical Fintech

    September 11, 2022
  • Gadgets

    Deals Reminder: Complete 2023 Tech Cert

    September 14, 2022

    Mystery behind the Big Bang theory revealed! And some tech and gadgets that caught it

    September 14, 2022

    Best AI-Powered Gadgets

    September 14, 2022

    E-repair market could be worth $20 bn

    September 13, 2022

    Love your Dash waffle maker purchase from TikTok? More Dash kitchen gadgets are on sale at Amazon.

    September 13, 2022
  • Mobiles

    How to avoid becoming a victim of malicious mobile apps

    September 11, 2022

    Munchkin Digital Coming to Steam, Mobile Devices This Fall

    September 11, 2022

    T-Mobile: Here Comes the Monster Buyback

    September 11, 2022

    Apartments planned for Rangeline Crossing in Mobile

    September 11, 2022

    Sales, rent increases hit Colorado mobile home parks as new laws kick in

    September 11, 2022
  • World News

    West Virginia legislators approve abortion ban with few exceptions

    September 13, 2022

    FBI agent at Sandy Hook breaks down at trial of conspiracy theorist Alex Jones

    September 13, 2022

    Stopping ‘bully’ Alex Jones will be the most important work you do, jury told

    September 13, 2022

    Arrests of UK anti-royal protesters spur free speech debate | World News

    September 13, 2022

    Lights out early for Eiffel Tower as Paris saves energy | World News

    September 13, 2022
  • Tech

    OTO logis-tech wins second edition of KPMG tech innovator competition

    September 11, 2022

    Will Randall make his return against Louisiana Tech?

    September 11, 2022

    Sussex Tech school buses get new security cameras

    September 11, 2022

    Why Is This Tech Growth Stock Down 38% From Its 52-Week High?

    September 11, 2022

    Passkeys, the No-Password Login Tech, Come to iOS 16 on Monday

    September 11, 2022
Facebook Twitter Instagram
eJourno.neteJourno.net
  • Home
  • Business

    Why Consumer Privacy Concerns Can Be Good for Business

    September 11, 2022

    TikTok Guide For Business

    September 11, 2022

    Grandview businesses can apply for new round of pandemic assistance | Lower Valley

    September 11, 2022

    Business briefs | Cal Poly one of ‘Best in the West’; senior center receives grant – Times-Standard

    September 11, 2022

    On the banks of Connecticut River, new business begins refurbishing U.S. Coast Guard boats

    September 11, 2022
  • Finance

    Stimulus Payments, Back-to-School Budget, Self-Employed deductions, Gas Prices…

    September 11, 2022

    Finance Ministry: Need strategic approach to market Malaysia’s R&D results

    September 11, 2022

    Finance Ministry mulls changes in insurance laws; considers easing entry level capital requirement 

    September 11, 2022

    Retired Marlborough CFO moves from finance to crime novelist

    September 11, 2022

    Ethical Finance Global 2022 Summit Produces Prospectus as Career Bridge Into Ethical Fintech

    September 11, 2022
  • Gadgets

    Deals Reminder: Complete 2023 Tech Cert

    September 14, 2022

    Mystery behind the Big Bang theory revealed! And some tech and gadgets that caught it

    September 14, 2022

    Best AI-Powered Gadgets

    September 14, 2022

    E-repair market could be worth $20 bn

    September 13, 2022

    Love your Dash waffle maker purchase from TikTok? More Dash kitchen gadgets are on sale at Amazon.

    September 13, 2022
  • Mobiles

    How to avoid becoming a victim of malicious mobile apps

    September 11, 2022

    Munchkin Digital Coming to Steam, Mobile Devices This Fall

    September 11, 2022

    T-Mobile: Here Comes the Monster Buyback

    September 11, 2022

    Apartments planned for Rangeline Crossing in Mobile

    September 11, 2022

    Sales, rent increases hit Colorado mobile home parks as new laws kick in

    September 11, 2022
  • World News

    West Virginia legislators approve abortion ban with few exceptions

    September 13, 2022

    FBI agent at Sandy Hook breaks down at trial of conspiracy theorist Alex Jones

    September 13, 2022

    Stopping ‘bully’ Alex Jones will be the most important work you do, jury told

    September 13, 2022

    Arrests of UK anti-royal protesters spur free speech debate | World News

    September 13, 2022

    Lights out early for Eiffel Tower as Paris saves energy | World News

    September 13, 2022
  • Tech

    OTO logis-tech wins second edition of KPMG tech innovator competition

    September 11, 2022

    Will Randall make his return against Louisiana Tech?

    September 11, 2022

    Sussex Tech school buses get new security cameras

    September 11, 2022

    Why Is This Tech Growth Stock Down 38% From Its 52-Week High?

    September 11, 2022

    Passkeys, the No-Password Login Tech, Come to iOS 16 on Monday

    September 11, 2022
eJourno.neteJourno.net
Home » How to avoid becoming a victim of malicious mobile apps
Mobiles

How to avoid becoming a victim of malicious mobile apps

ejourno.netBy ejourno.netSeptember 11, 2022No Comments8 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn WhatsApp Pinterest Email


According to statistics, there are almost 6.6 billion smartphone users in the world – almost 83 percent of the total population of the Earth. The revolution in the world of mobile devices has led to the fact that the phone has lost its primary function of making calls and has become a tool for entertainment, study, business and much more.

All these functions are possible due to mobile applications available in specialized stores such as Apple Store or Google Play, as well as unofficial stores.

The popularity of mobile applications is increasing year by year. Over 218 billion downloads were made in 2020. App downloads are predicted to reach over 285 billion by the end of 2022.

The number of mobile apps in stores is also huge. About 100,000 apps for Google Play and 35,000 apps for Apple Store are released every month.

Naturally, information technologies used on such a massive scale attract many cyber fraudsters. Their target is data stored on phones, which can be both personal (photos, documents, bank card data) and work data. The leakage of such information can be extremely unpleasant for its owner.

Today, attackers can forget about using complex social engineering campaigns and other techniques to steal information. Everything is quite simple. You only need to create a fake application that will imitate the real one and perform malicious actions. Such programs are engaged not only in data theft. There are also many cryptocurrency mining apps, ad cheat apps, tracking apps, etc.

Apart from fake apps, there is another way to trick users. Fraudsters create a “legitimate” application that steals the necessary information behind the scenes and transfers it to their servers.

Yes, of course, Google Play and Apple Store engineers are not standing by watching what is happening. They are actively fighting such programs. All applications are checked in manual and automatic mode before publication and periodically after publication. But that’s not enough to keep all rogue apps at bay.

The main ways of creating fake applications

Imitation of popular programs

The more popular the app, the more fake versions will be created. When applying this method, emphasis is placed on human psychology. Many people want to follow the trends and have the most popular apps on their phones.

Fraudsters create clones of popular programs, but with additional “side” functions, such as intercepting entered text and bank card data, taking screenshots, etc. Visually, such applications do not differ from legal ones. They have the same icons, names, and even the manufacturer’s name may look like the real one.

Moreover, even an app store can be faked. For example, a few years ago, a fake copy of the Google Play store was discovered.

Attackers are not limited by super popular apps like WhatsApp and others. Cybercriminals follow trends and news. Cryptocurrencies are growing in popularity – and so you can find apps claiming to be popular cryptocurrency exchanges. COVID-19 appeared, and fake “disease-fighting” apps have not been slow to arrive. Major cultural or political events coming or happening are also reasons for the release of new fake programs.

Imitation of prohibited applications

It is no secret that in many countries, for various reasons (political, religious, ethical, etc.), specific applications are prohibited. Facebook is blocked in Russia, TikTok is blocked in India. Fraudsters fake a banned app and publish it on a store with a similar name and the assurance that it really works like the original. After TikTok was banned in India, the TikTok Pro app appeared very quickly. It was provided by another developer and had completely different functions.

Attackers rely on psychological factors. Many users want to have something that is known all over the world. They are ready to install applications from any source for this without being confused by security issues.

External downloads

Applications can be installed not only from the official store, but from any site. You just need to download a file of a certain format and use it for installation. This method is available for Android and iOS phones. And here, the attackers have a lot of room for action. App stores regularly check the apps added to them, but site owners do not.

The need for “unofficial” downloads is driven by factors such as banning applications of specific categories (casino, pornography, etc.), marketing activity (“our application is ready to appear in the store, but it has not yet passed all the appropriate formalities, be the first to try it and win prizes”), and several others.

Hackers can also attack legitimate sites to replace safe applications with malicious ones or create fake copies of legitimate sites and upload dangerous programs there.

Threats from legitimate applications

Legitimate applications with illegitimate activity

Another way to trick users is to create a legitimate app that starts performing its unwanted activity after some time. The barcode scanner is a good example. It was initially positioned as a convenient application for scanning barcodes, and then suddenly started showing ads constantly.

Exploiting weaknesses

Data breaches caused by mobile devices may not always occur due to the installation of a rogue program. Attackers can exploit vulnerabilities in official applications. So, due to a bug in the Facebook application code, the data of 50 million users was exposed.

The architecture of applications does not remain without the attention of criminals. Types of data storage, encryption algorithms, network security protocols — all of this is being used by hackers to harm users.

Top ways to protect yourself from fake apps

Each user of the mobile device is responsible for its safe use and can reduce the attack surface. It is not necessary to have advanced information security skills for this.

  • First of all, it is necessary to remember the main rule: download applications only from official stores. Downloading applications or installation files from other sources is very dangerous.
  • When you download an app from the official store, you should check the manufacturer, app rating, and number of installs. If in doubt, additional information can be provided by user reviews.
  • To install the official mobile application, you can visit the store using the link on the manufacturer’s website. This way you won’t need to search for an app by its name and the risk of installing a fake app will be minimized.
  • Another way to verify the legitimacy of the app is to contact its manufacturer and clarify any questions.
  • You should avoid apps that are banned in your country. If you see such an app, 99.9 percent of the time, it’s a fake program.
  • When installing new applications, it is necessary to check the required permissions. For example, the calculator does not need access to photos or contacts. In addition, it is essential to regularly review previously granted permissions.
  • It is always good to delete unused apps. This will not only minimize security risks, but also clear the phone’s memory.
  • Do not forget about the basic rules of cyber hygiene. A password must be set on the phone. Your phone should not be left unattended in public places as attackers may try to install apps without your knowledge.
  • It is useful not to connect to unsecured public Wi-Fi networks. They can be monitored by intruders and the data transmitted between the phone and the server can be intercepted or modified.
  • Do not forget to update the applications and operating system of the mobile device in time.
  • Finally, it is recommended not to jailbreak or root your device.

Recommendations for application developers

  • One of the first steps is to implement an information security management system. This will allow you to implement best practices to protect the development environment and the corporate network, reduce the likelihood that application source code will flow through different communication channels, etc.
  • The next step should be to apply DevSecOps principles. This will minimize the number of errors and vulnerabilities in the design and development stages.
  • App developers must constantly educate themselves and follow cyber threat trends and security best practices such as the Zero Trust concept.
  • Before publishing an application to stores, it is recommended to conduct an independent security analysis.

Conclusion

Applications have entered our lives strongly and for a long time. And this applies not only to mobile programs, but also to applications for smart TVs and other devices. Fraud related to such software will evolve and take new directions. The fight against this type of crime must be done by all actors: developers, app store owners and, of course, users themselves.

Image credit: Morrowind / Shutterstock

Alex Vakulov is a cybersecurity researcher with over 20 years of experience in malware analysis. Alex has strong malware removal skills. He is writing for numerous tech-related publications that share his security experience.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
ejourno.net
  • Website

Related Posts

Munchkin Digital Coming to Steam, Mobile Devices This Fall

September 11, 2022

T-Mobile: Here Comes the Monster Buyback

September 11, 2022

Apartments planned for Rangeline Crossing in Mobile

September 11, 2022

Sales, rent increases hit Colorado mobile home parks as new laws kick in

September 11, 2022

PlayStation’s mobile games need to bring us back to PS Vita and PSP

September 11, 2022

Mobile Children’s Museum is coming to life

September 11, 2022
Add A Comment

Leave A Reply Cancel Reply

Editors Picks

Oculus Quest X Headset: Discover a Shining New Star

January 5, 2021

iPhone Pro 13 Rumored to Feature 1 TB of Storage

January 5, 2021

Fujifilm’s 102-Megapixel Camera is the Size of a Typical DSLR

January 5, 2021
Top Reviews
9.1

Review: Mi 10 Mobile with Qualcomm Snapdragon 870 Mobile Platform

By ejourno.net
8.9

Comparison of Mobile Phone Providers: 4G Connectivity & Speed

By ejourno.net
8.9

Which LED Lights for Nail Salon Safe? Comparison of Major Brands

By ejourno.net
Advertisement
About Us
About Us

Your source for the current news, business, tech, lifestyle and more. This site is crafted specifically to exhibit news from organic sources in one site. Visit us now and never be undated unaware!.

Facebook
Our Picks

5 Things the Canon EOS R1 Needs to Compete With the Sony A1

January 4, 2021

VR – How the Gaming Industry Adapts to a New Reality

January 4, 2021

Hyundai’s Value Surges Amid Reports of Apple Electric Car Deal

January 4, 2021
New Comments
    Facebook Twitter Instagram Pinterest
    • Home
    • About us
    • Contact us
    • DMCA
    • Privacy Policy
    © 2023 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.