February 24, 2016

Android Users Downloaded Over 2 Billion Backdoor Apps

An independent security firm has determined that Android users have downloaded over two billion data-stealing Android applications onto their devices. Meanwhile, large numbers of enterprises are also housing malicious iOS applications, researchers revealed.

Researchers at security firm Proofpoint have revealed that some 2 billion data-stealing, backdoor Android applications have been installed by users. According to the report, the firm discovered over 12,000 malicious applications in a number of ‘authorized’ Android app stores, carrying code to steal data and even create backdoors.

Stressing that malicious mobile apps are real-world threats and not just corner cases of malware to be studied, researchers revealed:

Our analysis of authorized Android app stores discovered more than 12,000 malicious mobile apps – capable of stealing information, creating backdoors, and other functions – accounting for more than 2 billion downloads.

Surprisingly, 40% of an undisclosed number of enterprises using the security firm’s TAP mobile security program also had Apple devices running malicious applications. Furthermore, these malicious applications weren’t only found on jailbroken phones. They can use various user-initiated enterprise management features and side-loading techniques to be loaded onto stock, non-jailbroken devices as well.

“About 40 percent of large enterprises sampled by Proofpoint TAP Mobile Defense researchers had malicious apps from DarkSideLoader marketplaces – that is, rogue app stores – on them,” researchers wrote before also adding that “… users who download apps from rogue marketplaces – and bypass multiple security warnings in the process – are four times more likely to download an app that is malicious.”


The surprise here is the prevalence of malicious apps on Apple’s iOS platform, generally considered to be more secure than Android due to its restricted application installation controls. In comparison, Android users need to simply click a button to allow app installation from any source, including unverified ones.

Google’s latest Android 6.0, or Marshmallow, significantly improves on security to restrict the damage that malicious applications can unleash. However, with most users still on previous versions of Android such as KitKat 4.4, the threat is very real. Originally released in late 2013, KitKat is still the most used version of Android, running on 36 percent of devices and managing to pip Android Lollipop 5.0, which runs on 34 percent of all Android phones.
