Tuesday, November 27, 2012

Be safe, your favourite app might be infected

Apps drive mobile devices. There’s one for everything, including one to detect a bomb! Apps are tricky in a sense, because they need access to your personal data in the device.

All apps ask for permission while downloading. Some are: access data network, call records, GPS coordinates, rights to modify contents of SD card, to start on reboot etc. On the face of it, they look harmless, and ordinarily most of us grant the permission. But problems crop when the apps have Trojans (a form of virus) hiding in them. With proliferation of apps, they are becoming a popular vehicle for viruses.

Earlier this year, Sophos security firm detected a trojanized version of the Angry Birds game. These are infected apps that resemble the original one, misleading people.

Having such apps is a risk. "Trojans can come disguised as wallpaper applications. They contain the malicious package within it and may be hard to uninstall," says Ruchna Nigam, Security Researcher, Fortiguard Lab.

"Zitmo is a well-known banking Trojan (it has Symbian, Android and Blackberry versions) that can receive commands from the attacker to intercept SMS second-factor authentication banking tokens and forward them to the attacker, thereby exposing users to banking fraud," she says.

Some apps, malicious ones particularly, seek permission for activities unrelated to their function. When a music app seeks access to call records, you must wonder why, and check the credentials of the developer. For all that you know, it might be safe app. But it’s a call worth taking.

Juniper Networks’ Mobile Threat Center analyzed over 1.7 million apps on the Google Play from March 2011 to September 2012. It found that in the cards and casino games category, 94% of free apps that could make outbound calls didn't describe why they would use this capability. Similarly, 84.51% of free apps that could send SMS didn't specify why they should do so.

In the racing games section, 99% of paid apps and 92.42% of free apps had rights to send SMS, while 50% could use camera and 94.54% could initiate outgoing calls -- without any explanation as to why they needed to do that, says Ravi Chauhan, managing director, Juniper Networks.

The survey found free apps were 401% more likely to track location and 314% more likely to access contacts than their paid counterparts. Among location-tracking apps, 24.14% were free, while only 6.01% were paid.

This gives an impression that free apps access info to target ads. But out of the 683,238 apps examined, the share those with top five ad networks was much less than the total number tracking location (24.14 percent). “This leads us to believe there are apps collecting data for reasons less apparent than advertising,” says Chauhan.

How to be safe
1. Avoid free, unsecured wi-fi. Strangers can peep into what you are sending.
2. Download from official app stores like Google Play or iOS.
3. Check if access permissions sought are needed. Trojanized apps seek more permissions than are required.
4. Check who the developer is.
5. Install mobile security app from known brands like Kaspersky, Norton, McAfee or Avast.

(This article was published in The Times of India, Bangalore, today).

No comments:

Post a Comment