‘Dead’ Mobile Apps Come Back to Haunt You

Feeling spooked? It may be because a ‘dead’ mobile app has come back to haunt you…

Termed “dead” or “stale,” these waning apps introduce a multitude of security vulnerabilities to a workplace environment, and thus have been coined one of the biggest mobile security risks facing enterprises today.

For some background, a ‘dead’ app is one that was rejected from an official app store. ‘Stale’ apps are either apps that haven’t been updated or have been abandoned by their developers, and as a result are no longer compliant with updated systems and protocols.

Regardless of their names, these apps give cybercriminals the opportunity they need to steal sensitive information, embed malware on a network and generally wreak havoc on businesses. And it doesn’t help that, due to their nature, they’re also difficult to fight back against.

Mainly, this is because dead apps are hard to anticipate. App Stores are under no obligation to notify users that they removed an app from the store (or detail why they did). This removal also impedes a developer’s ability to issue bug-fixing updates to their apps in the wild.

Stale or abandoned apps are also hard to predict. Developers can take on new projects without any notification to the user, leaving older projects and apps to wane.

Both situations allow risky apps and vulnerabilities to linger on a user’s device, giving hackers the window they need to break in.

For example, hackers could use these apps to launch phishing attacks against unsuspecting users. A successful attack could then grant hackers access to sensitive information or allow them to install additional malware.

The lesson to be learned here? You can’t let your guard down, even with your own mobile device.

So how can we protect our devices and our workplaces from hackers? Well, here are a few tips:

  • Stay on top of updates to your mobile apps. All apps have bugs, vulnerabilities, or problems, which is why developers issue updates to them on a continual basis. If you haven’t noticed an update to one of your apps in a few months, it could be an indication that app is ‘dead.’ Do a quick search in the app store and if it’s no longer listed, you’d be wise to remove it from your phone.
  • Delete unused apps. Spring-cleaning should extend to your mobile device, too! Sometimes we download apps just to check them out. That’s fine. But once you’re done – remove them from your device, and your cloud environment. This will cut down on potential vulnerabilities and make device management that much easier.
  • Use comprehensive security. Every device you own should have safety precautions installed on it. McAfee® Mobile Security is free for Android and iOS users, and offers a variety of protections to help keep unwanted people out of your devices. 

As always, to keep up with the latest security threats, make sure to follow @IntelSec_Home on Twitter and like us on Facebook.

lianne-caetano