February 24, 2016 by

Android Users Downloaded Over 2 Billion Backdoor Apps

An independent security firm has determined that Android users have downloaded over two billion data-stealing Android applications onto their devices. Meanwhile, large numbers of enterprises are also housing malicious iOS applications, researchers revealed.

Researchers at security firm Proofpoint have revealed that some 2 billion data-stealing, backdoor Android applications have been installed by users. The security firm discovered that over 12,000 malicious applications present in a number of ‘authorized’ Android app stores have been installed with code to steal data and even create backdoors, the report determines.

Stressing that malicious mobile apps are real-world threats and not just corner cases of malware to be studied, researchers revealed:

Our analysis of authorized Android app stores discovered more than 12,000 malicious mobile apps – capable of stealing information, creating backdoors, and other functions – accounting for more than 2 billion downloads.

Surprisingly, 40% of an undisclosed number of enterprises using the security firm’s TAP mobile security program also had Apple devices running malicious applications. Furthermore, these malicious applications did not weren’t only found on jailbroken phones. They have the means to use different user-initiated enterprise managing features and side-loading techniques to be loaded onto stock, non-jailbroken devices as well.

“About 40 percent of large enterprises sampled by Proofpoint TAP Mobile Defense researchers had malicious apps from DarkSideLoader marketplaces – that is, rogue app stores – on them,” researchers wrote before also adding that “… users who download apps from rogue marketplaces – and bypass multiple security warnings in the process – are four times more likely to download an app that is malicious.”

Related article: 100 Million Android Devices at Risk Due to Baidu SDK Vulnerability

The surprise here is the prevalence of malicious apps on Apple’s iOS platform, generally considered to be more secure than Android due to its restricted application installation controls. In comparison, Android users need to simply click a button to allow app installation from any source, including unverified ones.

Google’s latest Android 6.0, or Marshmallow significantly improves on security to restrict the damage that malicious applications can unleash. However, with most users still on previous versions of Android such as KitKat 4.4, the threat is very real. A version of Android that was originally released in late-2013, the version is still the most used version of Android, running on 36 percent of devices, managing to pip Android Lolllipop 5.0 which runs on 34 percent of all Android phones.

Image credit: Pexels.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

New Ransomware ‘Spider’ Threatens Wipeout in 96 Hours

A new strain of ransomware discovered by security researchers encrypts files and gives victims a...

Read more arrow_forward

Security Researchers Discover Trove of 1.4 Billion Credentials

Security researchers at dark web monitoring firm 4iQ have stumbled upon a massive 41GB data file of...

Read more arrow_forward

Gartner Research: Cybersecurity Spending to Hit $96 Billion in 2018

Gartner has predicted worldwide security spending to increase by 8% in 2018 to hit a staggering $96...

Read more arrow_forward