Google’s Android firmware may be continually improving in a number of key areas, but one category of constant concern is that of Android malware and general security threats, which seem to be rising just as readily as the platform is. Worryingly, security outfit Trend Micro notes of how the number of malicious apps in existence across the Web has increased to 700,000, with almost 200,000 having manifested in the last quarter alone. With up to 99 percent of devices potentially at risk, the threat is very real, and although users are at least becoming more cautious and aware, it would seem the malware makers are more determined than ever.
An overwhelming portion of the malicious apps, as one would perhaps imagine given previous reports, are disguised to look like some of the Play Store’s most popular apps. By taking this form, a user tends to be none the wiser that the app is illegitimate, and with several strains of malware designed to sit silently within your everyday apps, the limits to the potential damage caused are seemingly endless.
One particular malware that users should be extremely wary of is FAKEBANK, which, as the name implies, spoofs banking apps in order to seem legit. Once it has cooked up a shortcut to a mobile banking program, all it needs to do is wait for an unwitting user to enter their banking details, and, well, you know what happens thereafter.
As described by Trend Micro’s Johnathan Leopando, all it takes for a user to have their bank account cleaned out is for them to enter their details into a malicious app the once, and since these spoof apps continue to function after the information has been sent back to the attacker, the victim will likely be none the wiser until his or her bank account has been duly cleaned out.
The main countries affected by these malicious downloads include developing nations like Vietnam, Brazil and Burma, with consumers in said areas looking to save a buck or two on a cheap app. Still, everybody should be made aware of the potential pitfalls of trawling the Web for apps, and this serves as yet another reminder – if it were ever needed – that users should always source apps from legitimate channels.