The Fine Line between Malicious and Innocent Mobile Apps: Part 1

Filip Chytrý 13 Aug 2014

The Fine Line between Malicious and Innocent Mobile Apps: Part 1

AVAST has more than 1 million mobile malware samples in its database, up 900,000 from 2011.

Yet the majority of mobile users seemingly have never been affected by mobile malware. Have you ever wondered why that is?

Unmistakably malicious malware, like ransomware or malware that is designed to send premium SMS behind users’ backs, is available on underground hacker forums. Yet truly malicious malware rarely hits the mass market, because they get blocked by security apps like avast! Mobile Security and are not tolerated on the Google Play Store. This protection saves the majority of mobile users from encountering malware, which is why mobile malware seems like a myth to many.

Android

While it may take time for mobile malware authors to successfully circumvent official app market policies, there are less malicious ways app developers are taking advantage of app users. These app developers are taking advantage of the fine line between malicious and innocent apps, using sly tactics to go behind users’ backs.

PUPs – Potentially Unwanted Programs (not as in puppies)

Apps whose behavior blurs between malicious and innocent are classified by avast! Mobile Security as Potentially Unwanted Programs (PUPs). Apps classified as PUPs act innocently enough to be considered as not malicious, but contain undesirable characteristics, which can be boarder line malicious. Their features can be used maliciously, if the app developer chooses to do so.

Information hungry apps

App developers are allowed to request access to certain functionalities and data on your phone so their app can function properly. For example, a map app can request permission to access your location, to provide you with directions from your current location to your desired destination. Some app developers, however, take advantage of permissions by either requesting additional information or completely irrelevant access from what their app requires.

In March, I found an app that did just this, and at the time of its discovery, it was available on the Google Play Store. The app was called Camera Nocturna, a night vision app that requested much more than access to the phone’s camera. By accepting Camera Nocturna’s permissions, the app also gained access to contacts and the permission to write SMS, which it used to send premium SMS behind users’ backs. The app has since been removed from the Google Play Store.

Always use caution when downloading apps, and pay careful attention to the permissions the app requests. If the permissions don’t seem to match the app’s functionalities, don’t accept them. Google has recently changed the Android permissions section in the hopes of making app permission requests simpler. Despite this, app downloaders should remain cautious. The change by Google groups permissions into categories. This allows apps to receive new permissions automatically, without being explicitly granted permission by the user if the permission falls under the same category as a permission that was previously granted by the user.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ andInstagram. Business owners – check out our business products.

Related articles

--> -->