Secondary store AndroidAPKDescargar, Google Play-blacklisted apps and ‘feral’ apps named top three sources for malicious downloads
While malicious downloads drop, trojans and adware are top threats
The bright spot in mobile security is that blacklisted app downloads fell 40 percent in Q2 2017 compared with the results from research conducted in Q1 2017. This improvement is likely due to increased awareness by consumers and increased policing by app marketplaces to identify malevolent or suspicious apps. Meanwhile, trojans and adware remain the top app threats in Q2 2017, and RiskIQ predicts that malicious actors will likely migrate to secondary stores as global app players, such as Google and Apple, become more vigilant in removing dangerous software.
Major marketplaces still host majority of blacklisted apps
Google Play jumped a spot to the No. 2 source for blacklisted apps in Q2, but a secondary store, AndroidAPKDescargar, was the leader for the second-straight quarter. The third-leading source of Q2 blacklisted apps was “feral apps,” or direct downloads from the internet, the hazards of which consumers have not yet learned to avoid. Rounding out the leaders in blacklisted apps were Baidu, AppChina, and AppLenovo.
“Mobile app security continues to be a challenge, even for the biggest brand names,” said Mike Wyatt, Director of Product Operations at RiskIQ. “The size, complexity, and dynamic nature of the global app store ecosystem mean that app developers and marketplace providers can never protect all users from cybercrime. However, they can do more to protect their customers including version control, monitoring for abuse, employing verification techniques, and offering education.”
For specific metrics or to learn more, download the RiskIQ Mobile Threat Landscape Q2 2017 Report at https://www.riskiq.com/research/q2-2017-mobile-threat-landscape/.
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 70 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures. Visit RiskIQ.com or follow us on Twitter.
+44 (0)203 861 3901