Meeting the mobile malware threat

Fabian Libeau, EMEA VP at RiskIQ, looks at the growing threat posed by mobile malware to businesses, their brands and customers, and how it can be tackled.

Organisations are increasingly embracing digital channels as a method of customer engagement. However, this is bringing with it new challenges for security and brand management teams, especially in the area of mobile applications.

Verizon’s Mobile Security Report recently revealed that 83 per cent of professionals said that their organisations were at risk from mobile threats in the past year, and 67 per cent said that defences are not keeping up. The problem is that an exceptionally large mobile ecosystem, with millions of applications and hundreds of stores, makes it difficult for an organisation to get an accurate view of the security threats and brand issues operating in this space.

Global smartphone utilisation has led to a rapid increase in the scope and complexity of the mobile ecosystem. While Google Play and the Apple App Store capture a significant portion of the market, there are hundreds of other app stores out there competing for inbound traffic to increase their share. The result is a complicated network, with multiple delivery mechanisms for the proliferation of non-branded or malicious mobile applications.

Fraudulent actors increasingly leverage mobile as a channel, especially the Android platform, which is both the most popular platform worldwide and which also does not require users to jailbreak or root their device in order to install apps from un-trusted sources. Kaspersky Lab recently announced that mobile attacks doubled from 66.4m in 2017 to 116.5m in 2018. So what is the current situation regarding the app ecosystem and what is the impact to UK organisations?

Application explosion is showing no signs of slowing down
Official applications, and applications leveraging brands, are widely copied and distributed in un-official stores. According to RiskIQ data, 90 per cent of brand-attributed apps across all sectors exist in un-official app stores. This application proliferation has a direct impact on consumers, as there is a risk of using an unsupported application or, worst case, a manipulated version of the authorised application. Brand infringement is also harder to track as apps spread more widely.

End users are at risk from blacklisted (malicious) applications
Blacklisted applications are classified as applications that are using a company’s brand, but are flagged by one or more virus detection products, or with links to known malicious sites. These applications usually request excessive permissions or redirect to malware with the intent to compromise sensitive information, including payment information pertaining to the end user. RiskIQ research has uncovered that the proportion of blacklisted applications across all sectors is more than 17 per cent. This constitutes a significant risk to customer loyalty and brand reputation.

Feral applications are on the rise
Feral applications are unauthorised or malicious apps that are hosted on websites rather than in app stores. These apps are mostly malicious in nature as they are hosted outside the mobile ecosystem for one simple reason – to avoid detection. RiskIQ data revealed that feral applications constituted approximately three per cent in proportion of the total number of apps. For organisations, feral apps make the task of taking down the applications more difficult.

The industries that struggle the most with these issues are gambling, media and entertainment. RiskIQ data uncovered that the gambling industry has a high number of blacklisted applications which indicates a significant revenue loss for companies operating in this space. In addition, the percentage of feral applications is highest for gaming apps, which implies that there is a consistent attempt to compromise users of feral applications.

These findings indicate that bad actors are using fake apps to distribute malware and capture data from devices in order to commit crimes. This type of activity is expected to continue increasing, which can be incredibly bad for businesses. Regardless of whether the company owns these apps or not, when customers experience their data being stolen and used maliciously, the blame falls at the doorstep of the company. In order to protect the company image, as well as valuable and personal data, businesses need to be more aware of the issues surrounding mobile malware and the risks this can pose to not only the organisation’s own network, but to their customers as well.