An analysis of the modern mobile applications for data security

April 17, 2022

Mobile phones have become an imperative portion of our daily lives. People nowadays prefer to keep every bit of information regarding personal and professional life on their mobile phones.App developers are also taking advantage of this dependency and publishing new apps to help user to do their daily activities faster and easier.

The worldwide paramount market leader ofOperating systems, Android and IOS are providing numerous applications to their users. However, this wide buffet of simplified applications allows the users to store sensitive data in apps like online banking, instant messaging, mobile account management, and business function on their phones. This application becomes a lucrative target for hackers to access confidential data without authorisation.

The current security structure of the Android operating system creates a common place for hackers to acquire authorised codes, modify them with malevolent codes, and then republish them on the available application store. This process is also known as a Repackaging attack. According to a study conducted by technology experts on mobile applications:

-  More than 40% of mobile applications on Android are at High – Risk vulnerabilities

-  Insecure data storage is a common issue in both Android and IOS Operating systems.

-  More than 80% of vulnerabilities can be hacked using malware.

-  Most of these issues are caused due to the inefficiency of the security mechanism which slides in during the designing stage and fixing them means changing critical codes.

Modern malware 

Sophisticated malware has become the most lethal attack approach in the technology framework lately. Due to the free availability and openness, Android OS has become a significant target for cybercrimes. Android is not only an Operating system but constitutes three major components which include device hardware, Android OS, and the application runtime.

-  Device hardware refers to the range of hardware configurations where android can run which include smartphones, tablets, watches, automobiles, smart TVs, OTT gaming boxes, and set-top boxes.

-  Android OS refers to the operating system itself and all device materials are accessed through the OS.

-  Android application runtime refers to the administered runtime used by applications and some system services on Android

But what exactly is Malware?

Malware is the umbrella term for Trojans, viruses, and other destructive computer programs threats. These threats are used to infect the system or the network to gain access to sensitive information. These file codes are delivered over a network to infect, steal, and explore any delicate information the hacker wants.

 

Objective of malware

-  Provide outlying control over the targeted device

-  Forwards pam from the infected device to other unsuspecting targets

-  Steal sensitive and intimate information

-  Scrutinise the targeted user’s local network

Types of malware attacks 

There is a variety of methods via which hackers can spread malware to other computer systems beyond an initial attack vector. A malware attack can take place via:

-  Email attachments that contain malicious codes that can be opened. These emails can compromise an entire network as these forwarded emails can spread into the depth of an organisation.

-  File servers likeInternet File systems and Network File systems can allow malware to spread quickly as the user can download or access the infected file

-  P2P or peer-to-peer file sharing allows users to share harmless files like pictures or music. These files can introduce malware to your system.

-  Malware can also replicate itself onto removable media and later on the computer system or network using File-sharing Software.

-  Hackers can also use Remotely Exploitable vulnerabilities to access the systems regardless of the geographic location.

List of Android apps that are affected by modern malware

Google Play is the storehouse for Android apps. Hence, the google store continues to be the target of malware attacks.Malware attackers are using the google play store to steal an array of personal data which includes banking information.

-  In the year 2020, Google play discovered that more than 56 apps, most of the meat for children, were affected by a type of malware called Tekya. These apps were installed on more than 1.7 million devices. Tekya malware is used to generate fraudulent clicks on banners and ads delivered by different agencies. To provide the app with authority, this malware infected the devices using Android and imitate sensitive actions.

-  Recently malware called Joker was detected on Android apps and these apps were installed in more than 5 lakh devices using Google play store. Joker stole the contact list, SMS messages, and device-related information. A key characteristic of this malware is it shows advertisements to the users and subscribed to premium, expensive online services. The malware can also access OTPs from SMSes in a smartphone and can approve online payments. This malware has been found hiding in a lot of apps.

 

Applications infected with Joker:

  • Blender     Photo Editor - Easy Photo Background Editor
  • Battery     Charging Animation Wallpaper
  • EmojiOne     Keyboard
  • Dazzling     Keyboard
  • Super     Hero-Effect
  • Classic     Emoji Keyboard
  • Halloween     Coloring
  • Flashlight     Flash Alert on Call
  • Volume     Boosting Hearing Air
  • Smart     TV Remote
  • Battery     Charging Animation Bubble Effects
  • Volume     Booster Louder Sound Equalizer
  • Super-Click     VPN
  • Now     QRCode Scan
  • Easy     PDF Scanner

Top 10 malware discovered in the year 2021

According to a report, by June 2021, the top10 malware which includes Shlayer, BitCoin Miner, Mirai, CoinMiner, NanoCore,Quasar, ZeuS, GhOst, CryptoWall, and Ursnif comprise 62% of the total malware activity.

Image source https://www.cisecurity.org/insights/blog/top-10-malware-june-2021

Image source https://www.cisecurity.org/insights/blog/top-10-malware-june-2021

 

How to prevent malware?

Security solutions like firewalls, network intrusion prevention systems (IPS), unified threat management systems, virtual private networks, content filtering, data leak prevention systems, antivirus and anti-spam gateways, deep packet inspection (DPI) capabilities, and next-generation firewalls are used to detect and prevent malware.

-  To prevent malware attacks, all the security solutions must be tested using an array of malware-based attacks. These hypothetical attacks will ensure the proper functioning of the security wall.

- Advanced Malware detection tools such as firewalls, Intrusion PreventionSystems (IPS), and sandboxing solutions immediately encrypt your files. These tools regardless of the malware type will detect the malware and its intentions.

- Antivirus software can access and remove the standard infections.  

Malware protection

To protect your organisation and network from malware you need a sophisticated malware protection strategy. You require a strategy that can easily detect the threat and prevent it by using a sequence of anti-spyware, antivirus, and vulnerabilities protection features. You need a system that can filter the URL and has Application identification capabilities.

Malware is designed to spread quickly, affect as many machines as possible and create havoc. To stay ahead of the hacker, you need a malware protection strategy that covers the network, threat intelligence endpoint, and cloud.

-  Network: Network is the gateway to the most crucial business information and hence it requires protection. Firewalls, intrusion prevention systems, URL filtering, and sandboxing systems are typically used to detect, analyse and prevent any malware.

- Threat intelligence: Threat intelligence allows organisations and networks to respond to cyber-attacks more quickly and efficiently.

- Endpoint: The main target of cybercriminals are desktop computers, laptops, and serves. These are places where people keep their sensitive information and attackers look for such vulnerabilities. Hence, organisations must station Firewalls, intrusion prevention systems, URL filtering, and sandboxing systems to guard themselves against such advanced attacks.  

- Cloud: Cybercriminals will go after your data no matter where you keep it. Therefore, the cloud is similarly open to cyber-attacks. You must provide protection against incoming and outgoing traffic, run compliance audits to expose data leaks, and secure your containers.

Conclusion

Cybercriminals know no border and cyber-crimes evolve at a rapid pace. These criminals are exploiting the new technologies and tailoring their attacks using new methods. According to a report,

-  50percent of businesses have reported cyber breaches or attacks in the last 12months.

-  19percent of businesses who have reported cyber breaches or attacks in the last12 months have suffered a material loss of assets.

-  37percent of businesses have board members with a cyber security brief.

-  69percent of businesses are backing up their data on cloud servers.

-  54percent of businesses are actively looking for guidance on identifying and managing cyber risks.  

Weak IT control can allow access to the system and provide hackers a route to personnel data and underlying business.Therefore, cyber security remains at the leading edge for many businesses. IT security specialist Edward Humphreys said in an interview that “education is a company’s best weapon against cybercrime and that, without the right skills, companies are left open to threats”.