Cyber criminals are copying legitimate smartphone applications and injecting them with malicious code to spy on users and steal personal data including bank information, passwords, photos and more.
According to cybersecurity company Pradeo's Mobile Security Report 2022, there are more than 700 websites which operate as third-party download stores outside of the official app marketplaces.
Third-party app stores mostly cater to Android users, because the open nature of Google's ecosystem makes it easier to install apps from outside the Play Store. But some of these third-party sites don't check the content of the apps they host, and some are set up specifically for illicit purposes, giving cyber criminals an avenue for tricking users into downloading apps containing malware.
In many cases, researchers warn, crooks make direct copies of original applications and tamper with the code to add malicious features. Often the copied apps claim to offer users additional features or a premium subscription, but in reality they're knock-offs designed to steal data from victims. Popular apps being faked to spread spyware include streaming services, VPN providers and anti-virus software.
Cyber criminals often use phishing emails to direct victims towards malicious downloads, but many of these downloads can also be found through search engines, particularly by users specifically looking for free or cracked versions of apps.
Information the crooks are after includes passwords, messages, photos, contact lists, digital wallets and more. The very nature of how people use smartphones makes them a prime target for stealing personal data which can be exploited by cyber criminals and cause ongoing problems for the victim.
Downloading an app claiming to be a well-known service from a third-party site is risky, particularly if the app promises to be free even though the service is usually accessed via a paid subscription.
Users should be cautious about offers like this that appear too good to be true, because the offer may be just a gimmick designed to attract downloads and install malware on as many phones as possible.
For example, the researchers said they found hundreds of fake versions of the Netflix app online, of varying sophistication, which actually contained adware, spyware or other malware. Another warning sign that an app might be fake: one version claimed to let the user watch shows that are exclusive to a rival streaming service.
One of the best ways to stay safe from malicious apps is to download apps only from the official app stores. Users who suspect they have installed a malicious app are advised to reset their device and to monitor their accounts for signs of suspicious activity that could indicate someone is exploiting stolen data.
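For readers who have to triage an APK obtained outside the Play Store, the check a practitioner reaches for is the app's signing certificate: a repackaged copy must be re-signed, because the original developer's private key is not inside the APK, so the SHA-256 fingerprint of the signer certificate (what `apksigner verify --print-certs` prints) identifies who signed the package. The script below is an added example and is not code from the article or from Pradeo. It reads the v1 signature block (`META-INF/*.RSA`) with the Python standard library only; the PKCS#7 walker handles the fields a real `CERT.RSA` has, but the certificates and APKs it is run on are constructed stand-ins built inside the script, and `GENUINE_CERT`, `ATTACKER_CERT` and `PINNED` are assumed values for the demonstration.

```python
"""Pin an APK's v1 signer certificate to spot a repackaged copy (added example)."""
import hashlib
import io
import zipfile


def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at pos; return (tag, value_start, value_end)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def _children(buf, start, end):
    """Yield (tag, tlv_start, tlv_end, value_start, value_end) for each element in [start, end)."""
    pos = start
    while pos < end:
        tag, vs, ve = _read_tlv(buf, pos)
        yield tag, pos, ve, vs, ve
        pos = ve


def signer_cert_der(pkcs7):
    """Return the DER bytes of the first certificate in a PKCS#7 SignedData blob.

    Layout: ContentInfo SEQUENCE { OID signedData, [0] EXPLICIT SignedData SEQUENCE {
    INTEGER version, SET digestAlgorithms, SEQUENCE contentInfo,
    [0] IMPLICIT SET OF Certificate, ... signerInfos } }.
    """
    tag, vs, ve = _read_tlv(pkcs7, 0)
    kids = list(_children(pkcs7, vs, ve))
    if tag != 0x30 or len(kids) != 2 or kids[0][0] != 0x06 or kids[1][0] != 0xA0:
        raise ValueError("not a PKCS#7 ContentInfo")
    sd_tag, sd_vs, sd_ve = _read_tlv(pkcs7, kids[1][3])
    if sd_tag != 0x30:
        raise ValueError("malformed SignedData")
    for t, _, _, fvs, fve in _children(pkcs7, sd_vs, sd_ve):
        if t == 0xA0:                                   # certificates [0] IMPLICIT
            ctag, cstart, cend, _, _ = next(_children(pkcs7, fvs, fve))
            if ctag != 0x30:
                raise ValueError("certificate is not a SEQUENCE")
            return pkcs7[cstart:cend]
    raise ValueError("SignedData carries no certificate")


def apk_signer_fingerprints(apk_bytes):
    """Hex SHA-256 of every v1 signer certificate (META-INF/*.RSA|DSA|EC) in the APK."""
    fps = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for name in z.namelist():
            if name.startswith("META-INF/") and name.upper().endswith((".RSA", ".DSA", ".EC")):
                fps.append(hashlib.sha256(signer_cert_der(z.read(name))).hexdigest())
    if not fps:
        raise ValueError("no v1 signature block (inspect the v2/v3 APK Signing Block instead)")
    return fps


def signer_matches_pin(apk_bytes, pinned_sha256):
    """True if every signer certificate in the APK has the pinned fingerprint."""
    pin = pinned_sha256.lower().replace(":", "")
    return all(fp == pin for fp in apk_signer_fingerprints(apk_bytes))


# ---- constructed fixtures: stand-ins for real certificates and apps ----
def _der(tag, payload):
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload


_OID_SIGNED_DATA = bytes.fromhex("2A864886F70D010702")   # 1.2.840.113549.1.7.2
_OID_DATA = bytes.fromhex("2A864886F70D010701")          # 1.2.840.113549.1.7.1


def build_cert_rsa(cert_der):
    """Constructed PKCS#7 SignedData carrying one certificate (signerInfos left empty)."""
    signed_data = _der(0x30, _der(0x02, b"\x01") + _der(0x31, b"")
                       + _der(0x30, _der(0x06, _OID_DATA))
                       + _der(0xA0, cert_der) + _der(0x31, b""))
    return _der(0x30, _der(0x06, _OID_SIGNED_DATA) + _der(0xA0, signed_data))


def build_apk(cert_rsa, dex=b"constructed dex bytes"):
    """Minimal constructed APK: a zip with classes.dex and a v1 signature block."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", dex)
        z.writestr("META-INF/CERT.RSA", cert_rsa)
    return buf.getvalue()


# Assumed certificates (a real X.509 cert is SEQUENCE{tbs, alg, signature}).
GENUINE_CERT = _der(0x30, _der(0x0C, b"CN=Genuine Developer"))
ATTACKER_CERT = _der(0x30, _der(0x0C, b"CN=Repackager"))
# In practice the pin is taken from the Play Store copy or the developer's site.
PINNED = hashlib.sha256(GENUINE_CERT).hexdigest()

GENUINE_APK = build_apk(build_cert_rsa(GENUINE_CERT))
RESIGNED_APK = build_apk(build_cert_rsa(ATTACKER_CERT), b"dex + spyware")
# Attacker keeps the genuine CERT.RSA (certificates are public) but swaps the code:
CERT_COPIED_APK = build_apk(build_cert_rsa(GENUINE_CERT), b"dex + spyware")

if __name__ == "__main__":
    print(signer_matches_pin(GENUINE_APK, PINNED))      # True
    print(signer_matches_pin(RESIGNED_APK, PINNED))     # False: re-signed with another key
    print(signer_matches_pin(CERT_COPIED_APK, PINNED))  # True: identity alone is not enough
```

The third case is the caveat: pinning the certificate tells you who claims to have signed the package, not whether the signature actually covers the files you have. A repackager can copy the original `CERT.RSA` into a modified APK and this identity check still passes, so it must be paired with real signature verification (`apksigner verify --print-certs app.apk`, which checks the v1, v2 and v3 signatures against the contents and will reject the tampered file). Apps that ship only a v2/v3 APK Signing Block have no `META-INF/*.RSA` entry, and the function raises rather than silently passing.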