While most people are aware of the malicious threats targeting their computers, many still don’t realise that their mobile devices are an increasingly lucrative a target for cybercriminals.
The main way smartphones are attacked is though apps, often ones which pose as innocent and useful but actually aim to steal data or in the case of ransomware, force users to pay up. Recently, google uncovered the Android version of Pegasus, a mobile spyware created by NSO Group, an Israeli surveillance company considered the most advanced producer of mobile spyware on the planet.
Both iOS and Android devices are targeted by hackers, but data suggests there is more Android malware in circulation than for iOS; a recent report by F-Secure goes so far as to say 99 percent of all malware that targets mobile devices is designed for Android.
Google scans the apps when they’re submitted, so hackers have now taken to hiding malicious code deep within their apps, only activating it once the app is safely in the store. So why are malicious apps still getting through? One reason is because cybercriminals are clever. They are always finding new ways to circumvent security checks on apps, so their malware will be downloaded and they will make money.
In an effort to combat this epidemic, Google has developed ‘Verify Apps’, a tool for Android devices which warns users of potentially harmful apps. But the tool isn’t that well known and it’s likely only to be actively used by those who are already aware of cybersecurity threats, not those who might more easily fall victim to fraudulent, unverified apps.