Malicious Apps in Global App Stores Increase, Leading to Emergence of WireX Mobile Botnet, RiskIQ’s Q3 Mobile Threat Landscape Report Finds
(firmenpresse) - London - Dec. 12, 2017 - Malicious mobile apps are back on the rise, impersonating brands and fooling consumers, according to digital threat management leader RiskIQ, in its Q3 mobile threat landscape report, which analysed 120 mobile app stores and more than 2 billion daily scanned resources. In listing and analysing the app stores hosting the most malicious mobile apps and the most prolific developers of malicious apps, the report documents an increase in blacklisted apps over Q2, as well as the continued issues of imitation and trojan apps in official app stores and the emergence of the massive WireX mobile botnet.
Feral apps and Google Play are main sources of blacklisted apps
Q3
Other leading blacklisted app sources
In third place, secondary store AndroidAPKDescargar had comparable numbers to Google and feral apps. In Q3, it more than doubled its number of malicious apps to 20,907, making up about one-third of its total app count and outpacing all other stores by more than 10,000.
Rounding out the top four, ApkFiles rocketed to a huge number (25,545) in Q1 and then dropped off in Q2 before recovering slightly in Q3. Meanwhile, 97 percent of 9game.com
Based on this data, RiskIQ concluded that some stores are being created and pumped up with huge numbers of malicious apps in short order. The firm
Playing the imitation game
One way malicious apps spread is through imitating others that are well known and popular. The report found that antivirus, dating, messaging, and social networking apps are favourite targets for this game. The Google Play store, in particular, is fertile ground for these attacks. Querying RiskIQ data for apps in the Play store since the start of Q3-containing the word
WireX mobile botnet emerges
Coinciding with the increase in dangerous/imitation apps, Q3 also saw the emergence of a massive mobile botnet attack, known as WireX. In August, RiskIQ, Akamai, Cloudflare, Flashpoint, Google, Oracle Dyn, Team Cymru, and others collaborated to take down the new threat, affecting the devices of at least 70,000 Android users globally. After a short development stage, on Aug. 17, the botnet struck several content delivery networks (CDNs)-with between 130,000 and 160,000 unique IPs observed from 100+ countries.
Around 300 apps tied to WireX were identified in total, a subset of which was found in official app stores, such as the Play store. Google moved to block these apps and to remove them from all Android devices. These apps masquerade as media and video players, ringtones, and storage managers. Once installed, they activate hidden functionality to communicate with command and control servers and launch attacks, whether the app is in use or not.
In this instance, extraordinary collaboration among security professionals was able to hamstring WireX before it could launch more devastating attacks. However, the botnet is not dead, and researchers are still encountering examples of its malicious apps in the wild. It may not be long before the rise of a new mobile botnet built through the spread of malicious Android apps.
For specific metrics or to learn more, download the RiskIQ Mobile Threat Landscape Q3 2017 Report: https://www.riskiq.com/research/2017-q3-mobile-threat-landscape-report/.
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organisation’s digital presence. With more than 70 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures.
Visit https://www.riskiq.com or follow us on Twitter.
Haydn Stokes
Atomic PR
Haydn(at)atomicpr.com
+44(0)203 861 3845
Datum: 12.12.2017 - 08:24 Uhr
Sprache: Deutsch
News-ID 1530374
Anzahl Zeichen: 3107
contact information:
Contact person: Fran Cator
Town:
Lincoln
Phone: +44 (0)1522 883640
Kategorie:
Wireless & Mobile
Typ of Press Release: bitte
type of sending: Veröffentlichung
Date of sending:
Anmerkungen:
Diese Pressemitteilung wurde bisher 832 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Malicious Apps in Global App Stores Increase, Leading to Emergence of WireX Mobile Botnet, RiskIQ’s Q3 Mobile Threat Landscape Report Finds
"
steht unter der journalistisch-redaktionellen Verantwortung von
RealWire (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
