Watch Out For Malicious Mobile App Doppelgangers

As we usher in yet another worldwide sporting event this month with the World Cup, it’s inevitable that scammers will piggyback on the myriad of opportunities at their fingertips to swipe, nab, and phish for spectators’ personal data. We’ve seen it happen a million times before and trending news has always been easy fodder for cybercriminals. Whether it’s a major sporting event, the Royal Birth, or juicy celebrity gossip, unscrupulous individuals come out of the woodwork to prey on those interested. Oftentimes, the inherent trust that comes along with familiar names, whether it’s a brand or individual, lull us into letting down our guard and as a result, compromising safety.

The most recent McAfee Labs Threats Report highlights the above trend with respect to mobile devices, where popular apps are now being cloned and released with vulnerabilities and other risks included. In the last year alone, mobile malware developers have been preying on consumers’ trusting inclinations to manipulate what we are familiar with more than ever before.

Take for instance, the infamous Flappy Bird app craze and untimely shutdown that I wrote about in March, where numerous clones were released post the app’s removal from major app stores. While users were mourning Flappy Bird’s demise, hackers were quick to release their own sinister versions to rope in unsuspecting patrons who missed out on the original. In fact, McAfee Labs™ found that a whopping 79% of sampled Flappy Bird game copies contained malware. The dangerous doppelgangers and others like them are often programed with the ability to make phone calls, extract contact list data, track geo-locations, install additional apps, and even take control over anything on the device, including the recording, sending and receiving of text messages.

Aside from malicious app clones, even those in legitimate app stores can abuse trust and execute commands without user permission. Going a step beyond the app oversharing and snooping I discussed in relation to the 2014 McAfee Mobile Security Report, normal looking apps, like Android/BadInst.A—which was available in the Google Play Store—can actually automatically download, install, and launch other apps. While the Android/BadInst.A app profited through a pay-to-download scheme instead of actually downloading malware, this type of app behavior leaves the door open to more dubious activities in the future.

The final trend the McAfee Labs team identified was a series of new Trojans preying on holes in authentic mobile apps and services. The Android/Waller.A Trojan disguises itself as an update for Adobe Flash Player and remains hidden from detection until after its installed. Once it’s on a user’s device it exploits a security flaw in legitimate digital wallet services to transfer money to the hacker.

With more legitimate mobile apps and games being cloned and abused by hackers, consumers need to be extra cautious. Just because an app is in a valid app store, it doesn’t mean it is valid—as was the case with the fake anti-virus app that was downloaded 10,000 times before it was removed. Always check reviews and stats before downloading new apps, and never grant excessive or unfamiliar permission requests at installation.

As more people embrace virtual currencies and mobile payment apps, these steps are especially crucial when dealing with highly sensitive personal data and money. McAfee® Mobile Security features a number of comprehensive protection features that can help users navigate the wild and crazy world of apps. Android users can review permissions of downloaded apps and receive notifications if they are accessing things they shouldn’t be.

Stay on top of the latest consumer and mobile security threats by following @McAfeeConsumer on Twitter and Like us on Facebook.


The post Watch Out For Malicious Mobile App Doppelgangers appeared first on McAfee Blogs.