A new and insightful paper from Positive Technologies reveals that about 50 percent of Android apps are vulnerable to malware. Furthermore, as the paper states, the hacker doesn’t need to be in proximity to the device nor be around the device. Differences in security between iOS and Android appear to be negligible.
Should I stop downloading apps from the store until the problem’s fixed?
I wouldn’t hold my breath until this issue gets fixed. Now, according to the above-mentioned paper, 43 percent of all Android apps found in Google’s Play Store are wormable and, thus, vulnerable to cyber attacks.
For those of you who still think that iOS is much more secure compared to Android, well, I’m sorry to say that 38 percent of Apple’s apps are also vulnerable, per the same paper.
The issue has been tracked down to data storages which are now sufficiently guarded against backdoor attacks.
In their paper, Positive Technologies explained that developers are more into streamlining their apps (i.e., improved control, better UI, gorgeous design) than patching security gaps. Of course, nobody would download and use a buggy app, no matter how many layers of security it boasts.
Back to the issue at hand – very vulnerable and hackable applications. As far as these exploitable points are concerned, Positive Technologies’ report labels them as high-risk, since in 76 percent of cases attackers can steal passwords, accounts, financial data, IM history, and personal data.
What’s even worse is that they don’t need to be in contact with the device or use hacking methods to circumvent admin privileges such as rooting or jailbreaking.
So, where does that leave us? Well, if we were to take this report without the proverbial grain of salt, downloading apps from the Play Store or Apple’s e-store would be like playing a game of Russian roulette: you never know which one could blow off in your face.
Still, the situation’s not that dire; according to Leigh-Anne Galloway, Positive Technology’s lead of Cybersecurity Resilience, most of these hacking attempts can be avoided by us, the users. How? That’s easy – paying more attention to the apps’ demands. As most of these backdoor infiltration attempts play on access privileges, you only need to read the security prompt before running the app on your phone or tablet.
Here’s a quick example – a couple of weeks ago, I installed a Klondike Solitaire game on my phone. Nothing special about installing games on your phone. However, this one requested access to my phone’s camera, mic, contacts, and storage.
I mean, why would an app that is solely designed for entertainment and has no online feature like scoreboards or multiplayer want that level of access? This is one of many examples of how malware can sneak into your device. And yes, the worst part is that you’re the one who let it in.
Wrap-up
The only takeaway from Positive Technologies’ report is this – careful what you download because you may end up with an empty bank account or worse.
Always check an app’s privileges before running it and don’t forget to download from legit vendors. What’s your take on the cybersecurity company’s yearly report? Head to the comments section and share your thoughts with the rest of the community.