Buying mobile apps on a cell phone is probably a new experience for most of the people that are out there. Sure a lot of them have bought ringtones for their cell phones in the past but buying an app is a different thing altogether. There are more factors that you have to consider when you are purchasing an app. While one of the major factors that you have to consider is whether the app will work for your or not, another one that you have to consider is whether the app is secure or not.
Since the smart phone has become the main way that a lot of people use the internet these days, black hat hackers are starting to target the different platforms that are out there. They are releasing different viruses and worms that are able to take the data out of the phones and send it back to the home server. One of the growing ways of doing this is by making a fake version of some of the more popular apps in a marketplace and replacing the real one. In this article I will show you how this is happening and what you can do to protect your own phone from such an attack. This type of an attack is done mainly on the Android operating system but there have been a few known attacks like this on the IPhone as well. In this article I will focus on the Android based phones that are on the market.
How this type of attack works
When most people go to install an application into their phone, especially one of the more popular ones, they see the name of the app and then they press install. Even though you are able to see a lot more details about the app if you just scroll down in the Android app store, most people do not do that. They trust the app store a little bit more than they should. They figure that the application is in the trusted Google app store and it has the right name, then they will be safe installing it into their smart phone. While that is the case most of the time, sometimes it is not.
Creating an app for the app store can be hard work but it really depends on the type of app itself. If it is a simple app to duplicate then the attackers will create their own version and use the artwork from the original app to try and fool you. If the app is complicated then they will try one of either two things. They will try to reverse engineer the app and reproduce that way. The advantage of this is that the app works and you will keep it on your phone longer without suspecting a thing. If the black hat hacker does not have the technical skills to pull that maneuver then they will just create a fake app with the name of the app that you are looking for. Their hopes is that you will click on the app, which will allow their malware to execute and then you will uninstall the app after you figure out that it doesn’t work. A technique like this means that they have a one time only shot and they better get it right the first time. If you suspect anything before the app is executed then you are probably going to get rid of it right away.
So these are the techniques that bad guys use to get you to install fake apps into your smart phone. Now let’s see what you can do to keep this technique from working.
Stop the malware from getting into your phone
To stop this type of attack from working on you, you will need to be careful while you are in the app store. The first thing that you should do is to take a look at the page where the app is hosted. When you go to a page to download an app there are different types of information they will give you about the app. Some of the information includes the name of the person who created it, their email address, publishing company if it applies, and the reviews by other users of the app. And that is the big tip off that you should pay attention to. How did the app work on others people phones? There is a bit of a fragmentation problem when it comes to Android based phones so some apps are not going to work on some phones. But if people are reporting the app is acting strange or connecting to the internet when it is not supposed to then these are warning signs that you should take heed of. If you pay attention to the information that is the app store then you should be fine.
This is attack is pretty new but since it has been working you are sure to see it more often. Just be careful when it comes to installing apps in the phone and you should be fine.