Dec 20 2017

Smarter Phones Lead to Smarter Hackers

Smartphones have opened a new world of connectivity, giving users unprecedented and unwavering access to the Internet at the touch of a button. It has been widely reported that the average smartphone owner checks their device around 85 times per day (I do it more than that 😉 ), and many claim that they need their phone to function normally within their work and social lives.

Smartphones spread information and ideas in a faster way than was ever possible, but they have also opened the door to countless new malicious moneymaking tactics.

One of the most common and effective methods used by hackers is to exploit app markets to gain access to smartphones. In the fall of 2016, we saw an extremely successful use of this tactic on Android phones through what were called the “Gooligan” attacks. Gooligan hackers used the Android app store to con marketing companies into spending money on what seemed to be legitimate efforts to improve the download rates of certain mobile apps. Paying for the service actually ended up giving hackers access to thousands of Android phones, and Consumer Reports estimated that the hackers responsible made up to $500,000 a month off of Gooligan.

App stores have become hotbeds for similar illegitimate moneymaking schemes. Developers have taken to creating fake apps that look incredibly similar to real apps by using the same colors, fonts, and products as well-known companies. These fake apps can profit from inundating screens with advertisements or even inserting malicious code behind the scenes that then obtains access to a consumer’s device without any clear indication.

As more consumers turn to smartphones for everything from gaming to news to retail, it is critical to properly vet the apps that will be allowed access to devices. Apple, Google, and other companies that promote app marketplaces are partially responsible for doing so, but with smarter phones come smarter hackers, and it is inevitable that some nefarious apps will sneak through.

Top 3 Things to Look for in a Credible App

  1. Look at the number of times downloaded and the reviews. Is it a popular app? Are the reviews favorable and credible?
  2. How long has the app/ builder been in operation? Has the developer been in the market for a long time?
  3. Look at the permissions the app is asking for when in operation. Does it make sense for that app to ask for those permissions?