The rules for downloading new applications for mobile devices seem simple: download apps from official platforms and avoid anything from an unknown source.
However, the discovery of new malware in apps from these trusted platforms has security experts reminding businesses to be extra careful about the tools they use. The possibility that any app can hide a Trojan, ransomware, spyware, or other malicious code requires a renewed focus on application security and mobile device management.
The Latest Threat to Mobile Devices
Downloading applications from official app stores is significantly safer than other platforms. Apple, for example, subjects new apps to a rigorous vetting process that rejects more apps than it accepts; PCMag reports that the tech giant rejected over 1.6 million App Store submissions in 2022 alone. Google Play also has procedures to protect users from malicious apps and scans apps for security risks in real-time.
However, despite these efforts, malware can slip through. The new malware on users’ devices skips the typical social engineering tactics used by keyloggers, RootKits that allow hackers to use compromised devices to launch Botnets, or Trojans to trick users into granting permissions that expose sensitive information.
Security researchers at Kaspersky report that criminals thwart app store security protocols by hiding malware in updates, ensuring the product passes the initial security inspection. Sometimes, the malicious code hides in software developer kits that third-party developers use to create their apps.
However, criminals hide their malware, and the effects are potentially devastating. Some of the new malware researchers uncovered from app stores include:
- Programs that steal banking information disguised as web browsers, dating apps, and credit card companies.
- Malware hidden in AI tools that uses Optical Character Recognition (OCR) to collect information from screenshots that can reveal login credentials, payment information, personal messages, and more.
- Dangerous loan apps that promise fast funding but require permissions that expose personal information the hackers use for extortion.
Any malware can cause trouble for your business, exposing sensitive information that can lead to a data breach and damage your reputation and finances.
Protect Your Company From Malware in Mobile Applications
Strong rules governing apps, from where they come from to which apps are allowed, are key to securing your company against hidden malware. Restricting employees to apps from the official stores remains the best way to prevent problems, but do so knowing that there’s always a possibility that even “safe” apps can have security flaws.
How can you avoid malicious apps and the risk of new malware infecting your business?
- Ongoing training and updates about safe app usage and how to recognize possible threats.
- Strict application installation policies that restrict employees to vetted apps on work devices.
- Regular security audits for immediate mobile application risk identification.
- Continuous security monitoring to identify and respond to threats in real-time.
- A mobile device management system to control and secure employee mobile devices.
A proactive approach to application security safeguards sensitive data and maintain business integrity and operations.
