Both Apple and Google make life difficult for cybercriminals who want to promote malicious apps. Before uploading an app on any platform, it is checked for malicious behavior. Despite this fact, many malicious apps come to the fore.
It’s a big problem on the Google Play Store, but Apple’s platform isn’t perfect. Contrary to popular belief, users of both platforms should be careful what they download.
If you download a malicious app, you are inviting rogue ads and potentially, theft of your personal information. So why are malicious apps available on the App Store and what can you do about it?
How Malware Is Uploaded to the App Store
Apple is clearly a highly reputable company. That’s why many people are surprised to learn that malicious apps are a problem. However, the reality is that it is nearly impossible to stop some level of malware.
If an app is clearly malicious, it will be rejected immediately. All apps uploaded to the App Store are reviewed and most are reviewed manually. Many get rejected too. However, malicious actors use a variety of techniques to evade detection.
Apps are often programmed to run invisible ads. These ads are not displayed on the affected device. Instead, they tell the device to visit websites in the background. This allows developers to collect advertising revenue without the user knowing anything is happening.
Some apps have a delay before they do anything malicious. Developers know that apps are tested before they are published. So they program their apps to behave normally until they are installed on a regular user’s phone. This is often only achieved by dialing out when they are installed on phones with SIM cards.
Apple and Google are also partly to blame. The App Store receives thousands of app submissions every week and inspecting them all is an expensive process.
Additional oversight requires developers to wait longer for their apps to be approved and longer waiting times can reduce the number of submitted apps. It’s possible that any attempt by Apple to further block malicious apps on its platform could reduce profitability. And that won’t necessarily stop them.
Promoting malicious apps on the App Store is highly profitable. An app that successfully makes it to the platform can earn millions in advertising revenue. Because of this, no matter what Apple and Google do, people will keep trying, and they will sometimes succeed.
It’s worth noting that malicious apps sometimes get uploaded to the App Store by mistake. Some developers use code snippets written by other people; If they use the wrong code, it is possible to accidentally add malware to a legitimate app.
What do malicious apps do?
Malicious apps range widely in terms of functionality. They are all designed to make money but how they achieve it varies.
advertising fraud
Ad fraud is a popular way to earn money from malicious apps. Many legitimate apps use advertising but malicious apps take additional steps. In addition to running the ads you can see, they also run ads in the background. This is a bigger problem for advertisers than for smartphone users, but this activity uses up battery and bandwidth.
browser hijacking
A malicious app can hijack your browser and cause it to open malicious URLs. The malicious URL may then request personal information, promote a scam, or attempt to take advantage of vulnerabilities.
information theft
All smartphone apps are installed in a sandbox, so there is a limit to what information a malicious app can steal. However, they can access your clipboard. So anything you copy and paste can be stolen. Needless to say, any personal information you enter into the app can be stolen.
phishing alert
A malicious app may be used to trick you into providing information using a phishing alert. To do so, the app will display an alert that appears to have come from a reputable source. Any information you provide such as username and password can then be stolen.
How to avoid malicious apps
Malicious apps deserve news precisely because they’re usually denied, so anything that creates it becomes notable. Most of the apps on the App Store are secure. Here’s how to protect yourself from those who aren’t.
Don’t Jailbreak Your Phone
Apple’s App Store isn’t perfect, but it’s still more secure than the alternatives. It’s possible to sideload apps on a jailbroken iPhone without consequences, but by doing so, you’re reducing the possibility of malware.