|By Business Wire||
|February 19, 2014 09:39 AM EST||
RiskIQ, the company that protects corporate brands and their customers on the Internet, today announced research findings on the presence of malicious apps contained in the Google Play store. The company found that malicious apps have grown 388 percent from 2011 to 2013, while the number of malicious apps removed annually by Google has dropped from 60% in 2011 to 23% in 2013. Apps for personalizing Android phones led all categories as most likely to be malicious.
The results were gathered by the RiskIQ™ for Mobile service, which continuously monitors mobile application stores to detect suspect applications, application tampering and brand impersonation. For this survey, RiskIQ only counted Android apps in the Google Play store as malicious if they are/contain spyware and (SMS) Trojans that:
- Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
- Send SMS messages to premium-rate numbers
- Subscribe infected phones to premium services
- Record phone conversations and send them to attackers
- Take control over the infected phone
- Download other malware onto infected phones
“The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data,” said Elias Manousos CEO of RiskIQ. “Malicious apps are an effective way to infect users since they often exploit the trust victims have in well known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers.”
Summary of Findings
Using a distributed global proxy network RiskIQ continuously scans and interacts with mobile apps in leading app stores via synthetic clients that emulate real users. This patent-pending technology exposes malware that would otherwise not “show itself” to traditional web crawler software. The highlights of the RiskIQ for Mobile research on the Google Play store include:
Percentage of Malicious Mobile Apps
Percentage of Malicious Mobile Apps Removed
Top Five App Categories with Most Malware
|1. Entertainment||1. Personalization||1. Personalization|
|2. Education/Books||2. Entertainment||2. Entertainment|
|3. Media/Audio/Video||3. Education/Books||3. Education/Books|
|4. Personalization||4. Media/Audio.Video||4. Media/Audio.Video|
|5. Sports||5. Sports||5. Sports|
RiskIQ will demonstrate its RiskIQ for Mobile service next week at RSA Conference South Expo Booth #2341.
RiskIQ protects corporate brands and their customers on the internet. The company combines a worldwide proxy network with synthetic clients that emulate real users to monitor, detect and take down malicious and copycat apps, drive by malware and malvertisements. RiskIQ is being used by leading financial institutions and brands in the US to protect their web assets and visitors/users from security threats and fraud. RiskIQ is headquartered in San Francisco and is backed by growth equity firm Summit Partners. To learn more about RiskIQ, visit www.riskiq.com.
In his session at 18th Cloud Expo, Sagi Brody, Chief Technology Officer at Webair Internet Development Inc., will focus on real world deployments of DDoS mitigation strategies in every layer of the network. He will give an overview of methods to prevent these attacks and best practices on how to provide protection in complex cloud platforms. He will also outline what we have found in our experience managing and running thousands of Linux and Unix managed service platforms and what specifically c...
May. 6, 2016 06:15 PM EDT Reads: 1,423
trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vice president of product management, IoT solutions at GlobalSign, will teach IoT developers how t...
May. 6, 2016 06:00 PM EDT Reads: 857
As enterprises around the world struggle with their digital transformation efforts, many are finding that innovative digital teams are moving much faster than their hidebound IT organizations. Rather than struggling to convince traditional IT to get with the digital program, executives are taking advice from IT research firm Gartner, and encouraging existing IT to continue in their desultory ways. However, many CIOs are realizing the dangers of following Gartner’s advice. The central challenge ...
May. 6, 2016 06:00 PM EDT Reads: 302
Much of the value of DevOps comes from a (renewed) focus on measurement, sharing, and continuous feedback loops. In increasingly complex DevOps workflows and environments, and especially in larger, regulated, or more crystallized organizations, these core concepts become even more critical. In his session at @DevOpsSummit at 18th Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, will show how, by focusing on 'metrics that matter,' you can provide objective, transparent, and meaningfu...
May. 6, 2016 06:00 PM EDT Reads: 1,255
A critical component of any IoT project is the back-end systems that capture data from remote IoT devices and structure it in a way to answer useful questions. Traditional data warehouse and analytical systems are mature technologies that can be used to handle large data sets, but they are not well suited to many IoT-scale products and the need for real-time insights. At Fuze, we have developed a backend platform as part of our mobility-oriented cloud service that uses Big Data-based approache...
May. 6, 2016 05:30 PM EDT Reads: 837
The pace of innovation, vendor lock-in, production sustainability, cost-effectiveness, and managing risk… In his session at 18th Cloud Expo, Dan Choquette, Founder of RackN, will discuss how CIOs are challenged finding the balance of finding the right tools, technology and operational model that serves the business the best. He will discuss how clouds, open source software and infrastructure solutions have benefits but also drawbacks and how workload and operational portability between vendors...
May. 6, 2016 05:00 PM EDT Reads: 325
Cloud Object Storage is effectively infinitely scalable and boasts the lowest total costs. But cloud SLAs and T&Cs are traditionally optimized for huge customers like Netflix, so applications demanding better confidentiality or higher availability typically can’t reap the benefits of public cloud storage. In his session at 18th Cloud Expo, Don Martin, CTO of Security First Corp, will provide an overview of innovative technologies available today – secret sharing and information dispersal algori...
May. 6, 2016 05:00 PM EDT Reads: 314
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
May. 6, 2016 04:00 PM EDT Reads: 874
As the rapid adoption of containers continues, companies are finding that they lack the operational tools to understand the behavior of applications deployed in these containers, and how to identify issues in their application infrastructure. For example, how are multiple containers within an application impacting each other’s performance? If an application’s service is degraded, which container is to blame? In the case of an application outage, what was the root cause of the outage?
May. 6, 2016 04:00 PM EDT Reads: 1,212
When it comes to IoT in the enterprise, namely the commercial building and hospitality markets, a benefit not getting the attention it deserves is energy efficiency, and IoT's direct impact on a cleaner, greener environment when installed in smart buildings. Until now clean technology was offered piecemeal and led with point solutions that require significant systems integration to orchestrate and deploy. There didn't exist a 'top down' approach that can manage and monitor the way a Smart Buildi...
May. 6, 2016 03:15 PM EDT Reads: 263
Cloud-based NCLC (No-code/low code) application builder platforms empower everyone in the organization to quickly build applications and executable processes that broaden access, deepen collaboration, and enhance transparency for all team members. Line of business owners (LOBO) and operations managers know best their part of the business and their processes. IT departments are beginning to leverage NCLC platforms to empower and enable LOBOs to lead the innovation, transform the organization, an...
May. 6, 2016 03:00 PM EDT Reads: 305
Unless you don’t use the internet, don’t live in California, or haven’t been paying attention to the recent news… you should be aware that self-driving cars are on their way to becoming a reality. I have seen them – they are real. If you believe in the future reality of self-driving cars, then continue reading on. If you don’t believe in the future possibilities, then I am not sure what to do to convince you other than discuss the very real changes that will roll out with the consumer producti...
May. 6, 2016 02:15 PM EDT Reads: 915
There is an ever-growing explosion of new devices that are connected to the Internet using “cloud” solutions. This rapid growth is creating a massive new demand for efficient access to data. And it’s not just about connecting to that data anymore. This new demand is bringing new issues and challenges and it is important for companies to scale for the coming growth. And with that scaling comes the need for greater security, gathering and data analysis, storage, connectivity and, of course, the...
May. 6, 2016 01:45 PM EDT Reads: 1,375
The IETF draft standard for M2M certificates is a security solution specifically designed for the demanding needs of IoT/M2M applications. In his session at @ThingsExpo, Brian Romansky, VP of Strategic Technology at TrustPoint Innovation, will explain how M2M certificates can efficiently enable confidentiality, integrity, and authenticity on highly constrained devices.
May. 6, 2016 01:00 PM EDT Reads: 1,417
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will dis...
May. 6, 2016 12:45 PM EDT Reads: 1,190