Be Careful With Mobile Apps
If there's money to be had in a particular activity, you can be sure that thieves and criminals aren't far behind. One of the reasons we hear horror stories about cyber-crime is because the Internet is largely unregulated. I've often heard it compared to America's Wild West. No law and order gives way to swashbuckling criminals with bold schemes.
Perhaps the most troubling yet is ransomware - a type of malware that infects a computer in such a way that it restricts a user's access to his own machine. Can you imagine the panic if your computer has been locked and all your important files have been encrypted? Then comes a demand in the form of an on-screen alert - a ransom that must be paid to restore access. This is typically in the range of US$ 100 to US$ 300 dollars, and is sometimes demanded in virtual currency, such as Bitcoin! Infections caused by ransomwares can be devastating, and recovery can be a difficult process that may require the services of a reputable data recovery specialist. That specialist might charge more for his services than the actual ransom!
Today, there's yet another layer making things even more interesting. We live in the golden age of apps. There's an application for every activity you can think of. And people want to download these apps as quickly as they hit the market without thinking about the possible side effects. Consider an innocent user who has just downloaded a mobile app that secretly connects to ad sites. Common enough. But this app forces the user to see the advertisements while using that app. This is fine to an extent. But when the ad site contains malware (like a form of ransomware), you can only imagine how easily you can get trapped. Where's the emergency escape, you might ask? There are none.
Here's a story that I came across recently. Security researcher Luigi Vigneri and his colleagues from Eurecom in France have developed an app that monitors the behavior of others apps on a user's smartphone (I told you there's an app for everything!). It reveals exactly the names of external sites that these apps are secretly attempting to connect to, which include ad and user tracking sites. These researchers call their new app NoSuchApp or NSA for short, according to an article in MIT Technology Review. Vigneri began by downloading more than 2,000 free apps from all 25 categories on the Google Play store. They then launched each app on a Samsung Galaxy SIII running on Android version 4.1.2, which was set up to channel all traffic through the team's server. This recorded all the URLs that each app attempted to contact. Although most attempt to connect to just a handful of ad and tracking sites, some are much more prolific. An app called Eurosport Player connects to a whopping 810 different user-tracking sites! And, as you might imagine, a small proportion of the apps even appeared to be designed to connect to suspicious sites connected with malware, the researchers found.
So, how do these attacks work? Well, attackers download mobile applications from app stores and reverse engineer them to identify security vulnerabilities. Then they create malware to take advantage of those vulnerabilities and infect applications locally. Later, they distribute the created malware via websites, email or other means so it can infect applications after installation--or they place malware-infected applications in app stores that users visit for downloads. As the mobile device is typically more personal than in PCs, users frequently don't notice which version of an application they are downloading. This is when they make the mistake of downloading the infected version. Mobile users often do not understand the permissions they are granting when they install an application or visit sites that are accessible via a quick response (QR) code. They frequently click through security warnings to get to the content they want quickly, by automatically clicking 'yes' many times over. Thus, universally allowing permissions, which can create havoc.
So, what could regular app users do to safeguard themselves from these threats? It's important not to divulge a lot of personal information (even birthdays are clues to your password!) for starters. Secondly, one must create unique passwords for every online account. Next, always update your device OS from authorized sites only. It's also crucial to conduct application permission analysis before updating apps (every time!). Most importantly, always, always keep operating systems and software up-to-date with the latest patches. Doing so will go a long way from preventing those who create apps to do us harm instead of giving us a wonderful mobile experience.