Fake mobile apps. How to protect yourself?

People got so used to all the technologies out there in the world that they often forget: the device in your pocket is a computer million of times more powerful than the systems used for the moon landings in 1969. Incredible, isn’t it?

Short statistic on mobile apps usage

Before we start with the main questions I want you to know the following interesting statistics on this topic. Currently, in the world there are almost 6.3 bln smartphone users¹ and that’s nearly half of the total population on Earth. With such growth, the downloads of mobile apps are steadily growing too. For the period from 2016 to 2020 the number of downloads of mobile applications for the quarter increased by more than 1.5 times – from 20 billion to 36 billion. In total, over 204 billion downloads were made in 2020. The number of mobile applications in stores is growing as well. According to statistics, about 100,000 new apps for Google Play and 30,000 apps for the App Store appear every month.

What are common signs of malicious or fake mobile apps presence?

It’s never too late to check everything once again. Even if you are sure you don’t have any mobile malware on your device. Maybe that quick battery drainage comes directly from some kind of malware hiding in your phone. Of course, there may be plenty of reasons for that fast discharge, but malware activity may be one of the reasons. So here are some warning signs you should pay attention to in case they appear. It should be mentioned that the signs are common both for iOS and Android.

Long-term effects of malware presence

Device temperature. If you noticed that your device temperature rises when it’s in an idle mode then the sure thing might be that your device has actually got an infection. Basically, it could mean that computation and communication are happening beyond the typical background alerts and updates. Especially when idle your device should not be that hot. When it’s the case then it means both the processors and the power are being consumed by something.

Battery life reduction. It often happens when you use an older version of a mobile device you start to think that it’s quite normal for a mobile battery to get older and discharge faster as well. But the case might be that some malware on your phone drains all the juice from the battery.

Speed reduction. Some types of malware primarily target the computing power of your device. Modern smartphones and tablets boast the powers of what you would call a supercomputer a decade ago. And if you are not that much of a gamer or multitasking person the high usage of computational powers should definitely alert you. In addition, you might notice that apps take longer to respond or web pages pause before continuing to load. The same as with the other cause for mobile malfunction there could be different reasons but you have to consider malware as well.

If that thing happens for a long time, you will likely detect an irreversible effect – wear. In particular, your battery is in danger. Since the charge in the electrolyte, as well as its conductivity, depends on the temperature, the long-time overheating may lead to a sharp decrease in the peak battery capacity. In very rare cases it may even lead to battery explosions.

Visual symptoms

New or duplicated applications. If a new app appears on your phone and you actually don’t remember downloading it then it could be that the malware present on your device had already downloaded it or it`s the malware itself.

Banners that cover your home screen. The vast majority of malicious apps send you pop-up messages – it is much easier to make such a program. However, some of them can spam you with the banners that cover your main screen. Moreover, tricky crooks can hide the cross symbol that closes this banner. Therefore, you will just be forced to press the ad and give the fraudsters their penny. Fortunately, it is a pretty rare tactic. And don’t be confused with the same banner ads on Xiaomi devices – they have the built-in advertising app², that shows you similar banners. It is annoying, but legitimate, and you can disable it any time.

What are the most common kinds of malicious and fake mobile apps?

Cybercriminals exploit different types of mobile malware, since the purpose of their activities is different. Mobile devices nowadays are used more actively than desktops or laptops, hence their chance to get more personal or valuable information is bigger. That’s why there is a strict division on malware for money and malware for the valuable info.

Malware for private information

Banking Trojans. As the popularity of these kinds of apps is on the rise, the same goes for cybercriminals. They embrace the opportunity and actively create fake apps that hide within themselves a banking trojan for stealing credentials. Cybersecurity experts say that revenue from such apps can sometimes be quite substantial.

Ransomware. This type of mobile malware is an amalgamation of two. Most of the samples do not just block your screen or cipher your files. It also steals the data before the encryption. The user pays the money, and then receives the codes to unlock the phone. Fortunately, it is quite rare on mobile devices, and in the case of locker, can be removed easily. However, the “classic” ransomware variants are as dangerous as their PC contemporaries.

Backdoors. Threat actors often distribute this kind of malware as trojan programs hidden within games or customization tools. Cybercriminals use them to redirect network traffic through an encrypted tunnel to a third-party server. Most likely they will use it for sending phishing emails, conducting DDoS attacks, exploiting traffic for ad click revenue. Users may delete the app with malware hidden but the backdoor will stay in the device continuing the malicious work.

Remote Access Tools (RATs). Cybercriminals use this kind of app to get broad access to victims’ device data and even conduct prolonged intelligence surveillance. With RATs cybercriminals can get access to such information as SMS data, web browsing history, address books, call history and installed applications. RATs may also allow cybercriminals to enable device cameras, send SMS messages and log GPS data.

Just making money on you

Fake Applications. That is the specific category of apps that intentionally mimic those popular ones by copying every detail. They will have the same images, music and load screens as the legitimate app. But their purpose is either to redirect users one more time to download other malicious apps like mobile miners or spyware.

Mobile miners. Mobile phones are everywhere, they are easily infected and with the power they pose, threat actors can successfully exploit them for mining. The mining can make your device unusable, and even damage the hardware elements causing overheating.

Advertising Click Fraud. Simply an app that generates income for cybercriminals through fake ad clicks.

Browser exploits. A part of a suspicious app that overtakes control of your browser and the apps that work within it such as PDF reader. May lead to any type of infection, including the installation of other malicious apps.

Users should know that the list could never be enough written because often the kinds of malicious apps overlap with one another combining several features, for example, a fake app can also be a trojan virus or RAT.

How to avoid malicious and fake apps?

Even though cybercriminals won’t give up creating malicious and fake apps, you can protect yourself from them and their apps by simply knowing the most common ways they get to you.

The first and the most obvious rule is to download any app only from the official stores, no side downloads. Usually, cybercriminals put their “traps” on various sites with freeware. These murky sites offer the highest chances possible that someone will eventually download the app. If it’s not the official app store then look for the legitimate site of the app you wish to download.

But even if you download something from an official app store it would not be odd to check the reviews, the official website of a developer, rates. On the official website for the app, you can also find a link that will redirect you to this specific app in the app store so you won`t need to find the app by yourself.

Avoid the apps that are blocked in your country. Most likely the ones you will find on the app store are just the counterfeits.

Things to pay attention

Before downloading look carefully at what types of access the app is asking. A simple calculator won’t need access to your contact list. Go through each app that you have on your phone and see what access they have been granted. Delete the apps that you no longer use.

Don’t forget to update the software regularly. I mean both operating system and third-party applications. It will make you protected against the latest uncovered vulnerabilities.

Don’t root your device as it puts your security in more danger than before. Rooting or jailbreaking your phone means that the internal protection of the device has been surpassed and the user now has unrestricted access to the operating system. People do this in order to install third-party apps that their operating system won’t support or they make certain customization that was not possible with the default protection.

You see the cyberworld as the real one is full of danger but the right knowledge will guide you truthfully. The practice shows that mobile devices can fall in danger the same way as your PC and is in most cases your main device can put you in danger as well.

1. See the stats about the number of smartphone users on Statista.
2. Thread on Quora about the advertisements in the new MIUI firmware.