App stores: A security time bomb?

With more and more app stores popping up, are we about to see a significant rise in threats within these virtual stores?

ANALYSIS In the last week we saw Apple celebrating its 10 billion App Store downloads milestone.

The success of app stores has been fairly startling in recent years, altering the paradigm of how people use their web connections.

But with the rise of these virtual emporiums, more of which are set to pop up soon, has come an increase in security dangers threatening end users.

So should users be panicking about what they're downloading and is there even much to be concerned about?

The threats

Users could encounter a variety of threats on app stores. Some are bundled in with other apps, such as wallpapers.

This throws up another challenge for vendors as they try to split malicious apps from the legitimate ones.

Spyware-type applications have been spotted as well, where SMS messages were sent to unintended recipients.

More traditional, PC-like attacks are another danger. Symantec researchers recently spotted a piece of malicious kit that stole data and reported back to a command and control centre.

The app was monitoring SMS messages and was capable of receiving instructions from the command and control centre as well.

Other dirty apps have forced the user to call premium rate numbers, so the crooks get some of their target's funds.

Not so serious?

Despite the range of threats out there, users should not feel overly perturbed. Not just yet, anyway.

The fact that no precise figures have been given on how many malicious apps are present on the likes of the Apple App Store and Google's Android Market, indicates hackers have not yet identified them as fine places to acquire funds and data illicitly.

Compared to the amount and range of malware targeting PCs, malicious apps pale in comparison.

Greg Day, director of security strategy for McAfee in Europe, the Middle East and Africa (EMEA), said the security firm had not seen any more than 1,000 mobile threats in total, whereas there are 60,000 PC threats emerging a day.

However, he claimed it was "blatant" that apps will increasingly be used as a basis for attacks.

"What we've seen happen over the last year is a lot of testing can I do it, what can I do it with?" Day told IT PRO.

"The question is, at what point does that floodgate open and this becomes mainstream?"

Smarter businesses will prepare now for when mobile app threats really start to escalate, according to Day.

Orla Cox, security operations manager at Symantec, said her company had also only seen "a very small amount of threats."

But Cox said she expects certain kinds of app attacks to continue to rise, such as the aforementioned premium phone dialler danger.

She also pointed to the Android Market, indicating many of the threats Symantec has spotted had come out of the Google offering, rather than the Apple App Store.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020