Cybercriminals are back again reinventing their bag of tricks. Security experts say that they have now gone a step further this time, creating a whole new, fake app store that looks just like the legitimate ones.
“Last year they infected legitimate apps with malware, hosted them on the app marketplace for smartphone users to download. Now, they are creating a new fake app store filled with real-looking malicious applications,” said Mr Shantanu Ghosh, Vice-President (India Product Operations) and Managing Director of Symantec.
Mimicking an app for profit is bad enough, but replicating an entire app store?
“This just goes to show the sophistication and extent to which cybercriminals are ready to go, for a few bucks. In fact, their monetisation techniques have become smarter and more profitable. Unless the user observes the URL, he/she may not be able to differentiate the real from the fake site,” says Mr Ghosh.
“Once the Trojan from the fake app store is installed in the smartphone, it uses a technique called server-side polymorphism where by a unique version of a file is created every time a file is downloaded and this helps evade traditional signature-based detection.
The sites hosting Opfake include either links or buttons that can be used to download the malicious packages that are purporting to be free versions of popular Android software.”
Most of the attacks that we have observed on the mobile platform till date have been Trojanised versions of Android apps.
The latest development, however, is the creation of not just a malicious app, but an entire ecosystem around mobile malware, adds Mr Ghosh.
While cautioning users, Mr Ghosh recommends the implementation of a mobile management solution to ensure that all devices connected to the network are policy compliant and free of malware; use apps store hosted by legitimate vendors for downloading and installing apps and double-check URL; and having a mobile security solution to ensure that the downloaded apps are not malicious among other precautions.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.