Although it's often been touted by Apple fans that its products are immune to viruses or malware, that's simply not true, as the company and many users discovered this week. The tech giant scrambled to remove dozens of malicious apps found on its app store, following their detection by Palo Alto Networks security researchers. The malicious apps in question were all developed in China, using a modified version of the software development kit Apple puts out — known as Xcode — which hackers had manipulated. One of the apps in question was WeChat, an instant messaging app that is popular with users all over the world. Although the malicious apps have been removed, this discovery reveals the vulnerability all smartphone owners face, no matter which operating system they choose.
Apple isn't alone by a long shot when it comes to malicious apps — in fact, the number of malicious apps found in Google's app store nearly quadrupled from 11,000 in 2011 to 42,000 in 2013. The world has moved online, and few people can claim they don't use a smartphone, tablet or other mobile device capable of using apps. This makes it more important than ever for users to be aware of what they're downloading onto their cell phones and how to practice mobile security.
How can I ensure I'm using safe apps?
There are a number of steps you can take to try and prevent yourself from downloading unsafe apps, whether you have an Android, Apple or other mobile device.
- Always download from the official app store. Obviously, this isn't 100% foolproof, but in general, it's a lot safer to get your apps from the Google Play or Apple App stores than to download from another source. This is because both companies have specific rules and requirements for the apps added to their stores. You are putting your mobile device and your privacy far more at risk by downloading and installing apps from a nonofficial source.
- Make sure you are downloading the correct app. Many popular apps, especially games, are victim to "copycat" apps made by those trying to cash in on the latest popular craze. Some copycat apps also offer users the ability to circumvent the need to pay to use an app or its features — however, downloading these copycat apps puts you at risk because you have no idea who made them or for what purpose. Additionally, even apps that aren't obvious attempts to copy or associate with legitimate apps can be dangerous or downright scams. Don't just download the first thing you see when you search for an app; instead, take time to look at who the developer is and ensure you're getting the correct one. Many websites will put links to their app in the Google Play or Apple App stores that you can click to be positive you're getting what you want.
- Strengthen your mobile device security settings. This is something many people are guilty of either not doing at all or not enough, but it's increasingly important. In addition to placing a screen lock that uses a PIN on your phone to keep someone who swipes it from getting in, you can add extra layers of protection by enabling two-factor authentication wherever possible and installing a mobile security app. These apps provide protection for your mobile device in the form of antivirus/antimalware protection, privacy scans that let you know what your apps are up to and much more.
- Regularly review your app permissions. When you download and install an app to your mobile device, you are presented with a screen that asks your permission for the app to have access to certain information or functions on your phone. Like 40-page terms and conditions agreements, it might be tempting to skip this over to get the installation process over with and start using your new app. However, you shouldn't be skipping this — ever– because you should know what different apps are doing with your data. Some of them track your GPS location, some have access to your contacts, etc. You can review these permissions by accessing the settings on your phone, or download a mobile security app like the one offered by ESET, which can help you track what your apps are up to.
- Keep your apps up to date. In the event of a security issue like the one Apple just experienced, the apps in question are removed from the store either permanently or until they are fixed by the developer. The reason applications need to update as frequently as they do is because developers are constantly fixing issues — whether they're simple bugs that cause the app not to function correctly or serious security problems that put users at risk. That's why you should always update your apps as soon as updates are available, especially those that access a lot of your data.
As this most recent malware attack shows, there's only so much the consumer can do. After all, many of the infected apps came from well-known and trustworthy developers who made mistakes by using an unofficial developer kit instead of the one Apple provides. That said, you can still make as much effort as possible to protect your privacy and ensure you're downloading and using safe apps. To learn more about mobile security, read our blog posts on the subject.
Please go HERE for more information.
Please go HERE for more information.
