More than 700,000 malicious Android apps wreak havoc on the web

Malicious apps, some of which can be found on the Google Play Store, could steal your personal information.

A quarterly report released by internet security giant Trend Micro recently has found a huge surge in the number of Android malicious apps around the web.

According to the report, the amount of high-risk apps has now reached more than 700,000, up from 509,000 in the previous quarter. This could be worrying for Android users as it is believed up to 99% of devices are at risk of being infected.

The majority of these malicious apps are disguised as popular apps, but contain malware that could see victims subscribe to costly servicesFAKEBANK is a common and prominent malware that does just this. By spoofing "legitimate apps", it creates shortcuts to mobile banking programsJohnathan Leopando, of Trend Micro, says infected users may then be at risk of entering their banking details into a malicious app.

"Once on the device, they can behave in the way that any malicious app would, except the user would think they were a completely legitimate app. For example, a modified/Trojanized app for a bank would continue to work for the user, but the credentials would have been sent to an attacker".

Those from economically developed countries were found to be at greater risk with Vietnam, Brazil and Burma downloading the most malicious apps. This may be due to a desire to acquire applications for a cheaper price.

Although this report could have been released by Trend Micro in an attempt to self-promote their security programs, it is advised that mobile owners should invest an anti-virus for safe measure.

Android users are also advised not to download a dodgy version of Facebook with 1,000+ downloads with a one star rating. Otherwise, you can kiss your University funds goodbye.

Source: Trend Micro | Image: Dottech

Neowin Live - This event has concluded

Report a problem with article
Previous Story

Microsoft offers deep price cuts on Xbox 360 games

Next Story

Buffalo, NY getting Microsoft Store; Orlando, FL to get second location

118 Comments

View more comments

Brony said,
FUD in action. Sheesh.

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

Max Norris said,

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

Google patched the latest Nexus flaw rather quickly and send the update to OEMs right after. And Samsung, the biggest OEM, patched their devices. Well, their popular devices.

This is a reason I think the plain Nexus/Play store phones will start doing better over the gimmicky Samsung crap that gets released in many different models and only a few updated.

techbeck said,
Well, their popular devices.

Exactly, the majority of devices that are out there will never see this update and can still be tricked because it can't tell if an app has been tampered with. I'm not downplaying Google fixing the problem but that's still a very serious vulnerability that a lot of devices will never have fixed.

Max Norris said,

Exactly, the majority of devices that are out there will never see this update and can still be tricked because it can't tell if an app has been tampered with. I'm not downplaying Google fixing the problem but that's still a very serious vulnerability that a lot of devices will never have fixed.

I think the OP is wrong tho. 99 percent of devices are not infected. AT the start, yes...but lots of those were updated in the past couple of months.

Hope Google does well with the Moto X and starts releasing more phones. These will be among the fastest updated/patched devices out there.

Max Norris said,

How is it FUD exactly? Android malware has been well documented from numerous sources, never mind the unpatched vulnerabilities/flaws in the OS that make it easy to install. Unpleasant, sure, but FUD?

It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store. These faked apps are almost always sideloaded by idiots trying to steal paid apps.

It's also FUD because many of that "700,000" will just be multiple fake versions of the SAME legit app; it's just creative counting.

FloatingFatMan said,
It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store.

Well malware has been found in the Play store... but I'll agree to your point there, it is written a tad skewed, I see what you're getting at.

Max Norris said,

Well malware has been found in the Play store... but I'll agree to your point there, it is written a tad skewed, I see what you're getting at.

Sure. It would be dumb in the extreme to say there is NONE on the Play store. But there's very little, and it's removed as fast as it's reported.

FloatingFatMan said,

It's FUD because the reader is left with the impression that this malware is all over the Play store, when it has nothing at all to do with the Play store. These faked apps are almost always sideloaded by idiots trying to steal paid apps.

It's also FUD because many of that "700,000" will just be multiple fake versions of the SAME legit app; it's just creative counting.

Agreed

FloatingFatMan said,
as fast as it's reported.

Why does it require reporting.
Shouldn't be allowed in the first place.
Don't give me that Open bs. Google are not doing their due diligence for all the ad impressions they get from their partners customers, aka the public.

Even Apple don't catch everything, and that's -with- their paranoiac hyper-scrutiny of everything anyone submits to their walled garden store.

Androids openness is not BS either. The possibility of rogue applications is the price you pay for complete freedom of app and market choice, so it's very much relevant. Windows is a perfect example of that too.

Also, Google's app submission process is quite different to Apple's, so their due diligence has different conditions and cannot be compared to Apple's.

And yet, I have not seen one of these 700k malacious apps in hte Play store or anywhere else. Neither has the dozens of friends/family I know either. Which either means I have less idiots friends/family than most...or Google, and others, are quick and fast to remove them.

I wonder how many people who are saying "I hate android and the play store" uses XP or Windows 7. Heck, even Win8. Yes, I have seen malware in Win8...not via the app store tho.

Edited by techbeck, Aug 12 2013, 12:48pm :

I don't know if you've noticed but malware doesn't jump out of your phone and yell woogaboogoboo at you. It sits there quietly in the background and steals your life.

Keep up the good work. Support your local hacker.

Major_Plonquer said,
I don't know if you've noticed but malware doesn't jump out of your phone and yell woogaboogoboo at you. It sits there quietly in the background and steals your life.

Keep up the good work. Support your local hacker.

It doesnt take a rocket scientist to see what developers are legit, what are not, and what a fake app is. Also, there are scanners for Android phones just like the many scanners for Windows OS.

The current play store is highly optimized to push Trojans.

If Google really wanted security, there are some simple steps they could take.
But don't hold your breath....

I searched the above .pdf for the word 'play/store', and it's not mentioned once! In fact i'm yet to see a truly malicious app on Playstore.

spUrr said,
I searched the above .pdf for the word 'play/store', and it's not mentioned once! In fact i'm yet to see a truly malicious app on Playstore.

I haven't either, I keep seeing this news stories about malware and Play Store...but don't see the actual malware on the store.

I've seen plenty of junk apps that infest the phone with ads everywhere. track their every move and phones it all home.
Even had one or 2 myself when I had an HTC for a few months it's not all that obvious all the time. Specially if you download some games or things regularly.
And I aint the only one in my surroundings by far that had these issues.

But do a simple google search about this advertisement/tracking infestations on people's phones...
Keep ignoring it all, thanks to everyone giving Google a green go on keeping their system open and vulnerable, they won't be arsed to fix it.

This is something we all didn't know would be coming about? If you didn't, you shouldn't have a phone!

Basically,
A pretty stupid article, to have to even mention this! Also, anyone putting their faith in an app just because it's from Google, should have their head examined!

Just because some antivirus company, which makes their money off of spreading fear, doesn't make it the truth.

In fact I have seen plenty of rumors of the viruses being spread by the antivirus companies themselves. Its to their benefit to instill fear.

Amazing how people still think ios has no malware the only problem is that the malware doesn't affect the device it's self it actually rides inside the ios and when connected to a computer it infects it. No Os is safe from Malware. With that said I've never had a malicious app on any of my Android devices. Who on earth is stupid enough to download an dodgy version of Facebook when the real Facebook app is free anyway.

Commenting is disabled on this article.