Malicious Android Apps Double in Q1 as Lockdown Users Are Targeted

Written by

The number of malicious Android apps detected in the first three months of the year is double that of the same period last year, according to new data from Upstream.

The mobile technology company’s Secure-D platform discovered over 29,000 malicious apps on the Google platform in Q1 2020 versus around 14,500 in Q1 2019.

What’s more, nine of the top 10 most popular malicious apps of the first three months of 2020 were available at some point on Google Play. Around 30% of the top 100 for 2019 were also available on the official marketplace.

Cyber-criminals are increasingly hiding their malware in leisure apps such as games, social, news and video players, to appeal to the large numbers of users now stuck at home.

Upstream said its security platform blocked 89% of the 326 million mobile transactions it processed because they were fraudulent. Many (32 million) were related to use of Snaptube, a video downloader app which was found to be engaging in mass advert and premium service subscription fraud which could have cost unwitting users tens of millions of dollars.

In fact, Upstream said the number of global transactions it blocked as fraudulent increased 55% from Q1 2019 to 2020.

It also revealed that the number of infected mobile devices it detected increased 7% to 11.2 million.

“With the majority of the world having shifted indoors, there were some darker forces acting to make a profit from the lockdown situation. At Secure-D, we've seen a sharp increase in bad actors publishing ‘leisure’ apps on the Google Play Store, which trick users into subscribing for premium services,” explained Geoffrey Cleaves, head of Secure-D at Upstream.

“Being in lockdown also means prepaid customers will find it difficult to get out the front door to top up their data bundles. In the meantime, malware could be eating into those data bundles. I suspect we may see a drop in mobile internet traffic, and successful billing attempts, in predominantly prepaid developing markets while lockdowns are in force.”

What’s hot on Infosecurity Magazine?