The Philippines’ first and only industry magazine that deals with safety and security matters pervading the environment today.

Malicious Mobile Apps on the Rise

The Philippines is among the top 10 countries in the world most at risk of privacy exposure due to app use according to the latest report published by a security software company.

TrendLabs, the research arm of security software company Trend Micro, has released its security roundup report for the second quarter (2Q) of 2013. The report highlighted the current trend in online threats in apps in mobile devices, online banking malware, and threats over social networks.

The report was presented at a round-table discussion in TrendLabs Headquarters in Pasig City last August 28 where SecurityMatters was invited. Paul Josepth Oliveria and Maria Christina Cruz of TrendLabs explained the threat landscape when it comes to mobile device users.

High-Risk Mobile Apps

According to the 2Q report, 718,000 applications for Android devices were identified to be malicious and high-risk. This is an increase from from 509,000 in the first quarter of 2013. This means that Android users should be wary of apps they put or are already in their mobile devices.

It was brought up during the discussion that attackers or cyber criminals are taking advantage of device vulnerability.

According to Oliveria, one such threat is the Masterkey vulnerability:  Oliviera said that this [threat] “will allow an attacker to change the code of the app installed on the device without actually installing the [malicious] app.” He explained that this can be done with a malware that will pose as an update to the application. The attacker or cyber criminal will “trojanize” or make malicious a legitimate application. He added that this may have already affected up to 99 percent of all Android devices.

The report indicated that the Philippines ranked 10th in the countries most at risk of privacy exposure due to app use. This means that the country is among the top 10 which downloaded apps categorized as “privacy risk inducers” or apps that can compromise personal data. Identified at risk are photos, contacts, and other personal files and data of mobile Android device users that can be compromised with the said apps.

How to Guard Against Malicious and Risky Apps

Based on the discussion, mobile users can guard against malicious and risky apps with these tips:

  • “If it’s free, there’s a catch.” Filipinos like free stuff and the same goes with mobile apps. Free apps may have a catch which can be in the form of in-app purchases or ads but some apps take personal data from the user.
  • Download apps only from official appstores. Otherwise, other sources may give the app but attach a malware.
  • Verify the name and publisher of apps. Sometimes malicious apps are named after popular ones but with minor spelling modifications like a letter o switched with the number zero or the letter I with a small letter L. Also, check the reviews.
  • Be wary of the apps that ask for permission to access private accounts like email and send messages in behalf of the user. Be cautious of apps that ask for log-in data even if the use does not require one. For example, if a flashlight app asks for an e-mail, don’t give it and then immediately delete it.
  • Keep the operating system of mobile devices up to date. Updates include patches against files and codes identified as risky and malicious.
  • Use strong passwords and change them constantly.