Android Users Downloaded Over 2 Billion Backdoor Apps

An independent security firm has determined that Android users have downloaded over two billion data-stealing Android applications onto their devices. Meanwhile, large numbers of enterprises are also housing malicious iOS applications, researchers revealed.

Researchers at security firm Proofpoint have revealed that some 2 billion data-stealing, backdoor Android applications have been installed by users. The security firm discovered that over 12,000 malicious applications present in a number of ‘authorized’ Android app stores have been installed with code to steal data and even create backdoors, the report determines.

Stressing that malicious mobile apps are real-world threats and not just corner cases of malware to be studied, researchers revealed:

Our analysis of authorized Android app stores discovered more than 12,000 malicious mobile apps – capable of stealing information, creating backdoors, and other functions – accounting for more than 2 billion downloads.

Surprisingly, 40% of an undisclosed number of enterprises using the security firm’s TAP mobile security program also had Apple devices running malicious applications. Furthermore, these malicious applications did not weren’t only found on jailbroken phones. They have the means to use different user-initiated enterprise managing features and side-loading techniques to be loaded onto stock, non-jailbroken devices as well.

“About 40 percent of large enterprises sampled by Proofpoint TAP Mobile Defense researchers had malicious apps from DarkSideLoader marketplaces – that is, rogue app stores – on them,” researchers wrote before also adding that “… users who download apps from rogue marketplaces – and bypass multiple security warnings in the process – are four times more likely to download an app that is malicious.”

Related article: 100 Million Android Devices at Risk Due to Baidu SDK Vulnerability

The surprise here is the prevalence of malicious apps on Apple’s iOS platform, generally considered to be more secure than Android due to its restricted application installation controls. In comparison, Android users need to simply click a button to allow app installation from any source, including unverified ones.

Google’s latest Android 6.0, or Marshmallow significantly improves on security to restrict the damage that malicious applications can unleash. However, with most users still on previous versions of Android such as KitKat 4.4, the threat is very real. A version of Android that was originally released in late-2013, the version is still the most used version of Android, running on 36 percent of devices, managing to pip Android Lolllipop 5.0 which runs on 34 percent of all Android phones.

Image credit: Pexels.