Games are the most common form of malware-infected app, according to the Mobile Security: McAfee Consumer Trends Report, June 2013. Cybercriminals abuse app permissions to install malware and use innocent victims to be lured into scams by encouraging them to try free apps. Consumers are attracted by the idea of using free apps and unknowingly agree to invasive permissions giving scammers full freedom to deploy malware. These free apps succeed in extracting personal information from users that can be used for fraud.
“Mobile consumers are unknowingly letting their personal and private information slip into these cybercriminals’ hands, opening up endless doors for scammers,” said Stephan Perchard, vice president, Consumer and Mobile, Asia Pacific, McAfee.
Twenty-six percent of these apps are more than just adware and findings of the study indicate that SMS scams and rooting exploits were are some of the most popular types of threats seen across a range of apps.
Failure to focus on privacy
The McAfee report shows that consumers often overlook the issue of protecting their privacy when downloading apps and the reason is they do not clearly understand the level of damage that can be done by giving this kind of permission. Personalisation, tools, music, lifestyle and TV were found to be the most popular apps that carry malware after games. This report carefully examines Fake Installer and FakeRun. The former is a piece of SMS malware disguised within a free app with the ability to send up to seven messages. FakeRun is a malware that lures users in the US, India and 64 other countries into giving an app a five-star rating on Google Play. A high rating for an app establishes trust for the app developer, which can then serve as a jumping board for the criminals to distribute even more malware for the consumers.
by Anuradha Shukla, MIS-ASIA