Riding on malware fear factor, bogus "scareware" anti-virus mobile apps are infiltrating Google Play and other sites by the hundreds, as the high-profile WannaCry attack helps to prod downloads, according to a report released today by RiskIQ.
But when users download these bogus mobile AV apps, they may be surprised to find they are actually carrying adware, Trojans, and other forms of malware, according to the report, which notes that roughly one in 10 are active and blacklisted, even though they reside on Google Play.
When users do an Internet search for the word "antivirus," the RiskIQ report notes it pulls up:
- 6,295 of total apps past and present, of which 4,292 are still active
- 707 triggered blacklist detections from aggregated AV vendors, 525 are active
- 20% of blacklisted AV apps live in Google Play, 10.8% are active.
Steps to guard against downloading fake apps include relying heavily on official app stores rather than third-party stores, scanning for grammatical errors in the app's description text, reviewing permissions, checking to see if the developer is using a free email service rather than one from a purported company, and checking the app against known blacklists.
Read more about the RiskIQ report here.