View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Malicious Mobile Applications Surge: 29,000 Spotted in Q1

"Malware could be eating into those data bundles"

By CBR Staff Writer

The number of malicious mobile applications available for download has doubled in the first quarter of 2020, and worryingly a large number of them are getting past security checks on Google Play.

This is according to new data from cybersecurity firm Upstream and its Secure-D research wing, which says it identified more than 29,000 malicious apps in Q1, versus circa 14,500 during the same quarter last year.

UK-based Upstream, which says its security platform is used by 30 mobile network operators in emerging markets, said that worrying, nine out of ten of the top malicious applications affecting users were available at one point on the Google Play store. (It was not clear how long for).

Google’s Play Protect is the  world’s most widely-deployed threat detection service: Google says it actively scanning over 50 billion apps on-devices every day, but that finding these bad apps is non-trivial, as malicious developers go the extra mile to make their app look as legitimate as possible.

(Play Protect scans all applications including public apps from Google Play, system apps updated by OEMs and carriers, and sideloaded apps.)

Yet despite the efforts, malicious apps remains a growing market.

See also: Why Mobile Apps are a Headache for Critical Public Services

Upstream notes in its report: “Fraudsters tend to target Android handsets specifically because the operating system is easier to work with, with a host of unofficial places to visit and download apps.” (The comment suggests many apps are sideloaded, particularl in emerging markets).

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

In conducting the report Upstream’s anti-fraud platform analysed 31 mobile operators in 20 countries over the first quarter of 2020.

Malicious Mobile Applications

Watch out for Snaptube

The worst offending application to cross Upstream’s path is a video download called Snaptube which so far has more than 40 million downloads.

The application first came on the scene in 2019, it allows users to download videos and audio files from streaming sites, however it also delivers invisible adverts and self generates clicks on content, in some cases allegedly purchasing premium content. Over 70 million fraudulent transactions have been made through the Snaptube application, with the majority of the transactions originating in Brazil, Upstream found.

Geoffrey Cleaves Head of Secure-D commented in the report that: “Being in lockdown means prepaid customers will find it difficult to get out the front door to top up their data bundles. In the meantime, malware could be eating into those data bundles. I suspect we may see a drop in mobile internet traffic, and successful billing attempts, in predominantly prepaid developing markets while lockdowns are in force.”

Upstream also clocked a significant spike in the number of global transactions that have been blocked as fraudulent, with 55 percent more being blocked year on year.

The report states that: “Indonesia, Brazil and Thailand have seen dramatic spikes in fraudulent activity.

“Secure-D processed more than 161 million transactions in Indonesia, of which more than 157 million were blocked as fraudulent – a block rate of 97.6 percent. Brazil saw a 29 percent increase in the number of infected devices, from 6.9 million in Q1 2019 to more than 8.9 million in Q1 2020.”

See Also: Zoom Wrestles Publicly with its Encryption Demons

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.