DailyPost 2156
APPs – SAFE SOURCING?
Life has moved on the apps in a manner we would not have been able to imagine only a few years back. The dependency is near total as has our life moved away from the laptop to the smartphone as far as most of the necessary functions of life are concerned. What apps brings with themselves, the cyber security risk, by way of data theft and by myriad of other ways is by now known to most of us. Over 2 years of Covid-19 living has brought us to a level, where it is better to suspect every app and digital communication, rather than pay for it later.
Some of damage might not even recoverable later, inclusive of money and social credibility. The nature of information that they are looking for, by your permissions more often than not does not correspond to the utility of the app. Undeniably, they have brought immense comfort to us, but we have regularly trodden the world without knowing what dangers lie in front of us. Besides the messy issues of the known apps, what we are told that one should not install unknown apps and for sure not from unknown sources. But what about known sources? Do we have any research on apps we use and what they actually do.
We don’t have anything today which can be termed as blacklisted apps by any agency whatsoever or a consortium of cyber security firms doing it in wider public interest. Safe sourcing of apps is a grave challenge today. Digital MRI of Apps is not a known diagnostic tool in the cyber world. Now cyber security researchers have found 35 malicious apps on the Google Play Store. I don’t think any one of us would have given it a thought while installing an app from Google Play Store. Life has always been stranger than fiction and more so in the cyber world. These malicious apps were reported to be serving ads linked to malware.
Limiting the findings based on the research conducted these apps have a total download of over two million. They have the capability to conceal their presence on Andriod devices. As per Bitdefender, there is new malware campaign on the Google Play Store where few apps have been using ”false pretexts to lure victims into installing them.” After the installation they change their names and ”aggressively serve adds.” These cybercriminals not only monetise their presence on Google Play, but they also disrupt the user experience and worst of it all, these ads can link directly to malware. As they use different name on installation, they confuse the user, conceal their presence and it also becomes difficult to find and uninstall. Where do we source our apps from? Or ever remain in a state of scare? Thus, users are advised not to install apps that are not needed.
APPs HAVE BEEN A KNOWN SECURITY THREAT FOR A LONG TIME, BUT NOW NO SOURCE IS RELIABLE.
Sanjay Sahay