The number of fraudulent apps on Play Store from Google Inc. (NASDAQ:GOOG) seems to be on a steady rise. Scammers developing Japanese fraud-apps have published close to 1000 apps during August and have been able to trick users into downloading these apps at least 8,500 times. Malware threat has been a serious problem for Android and if not addresses quickly can affect Google’s reign in the smart devices segment. As of August, 44% of Android users were found to be still using the Gingerbread version of the Android OS, which is the most vulnerable to scam due to lack of proper virus and malware prevention code. Scammers are continuously looking for security loop-holes in order to gain access to customers’ data. One-click fraudulent apps are the current nuisance looming in the Play Store.
Since the beginning of the year, the number of one-click apps published totaled approximately 2500 by August, and is showing no signs of slowing down. Most of these apps do not survive more than one night and are removed from the store by the following morning. Although, it appears that one night is enough for the scammers to score numerous downloads due to extensive publishing done by the scammers. Some of them are so well disguised and published that they are able to survive a whole weekend and in some cases, several days – allowing time for hundreds of downloads.
Scammers continue to find new tactics to attract large number of downloads. These tactics have not been successful for long and soon disappeared. However, one of the newest variant has had some success in staying alive on Google Play, though the number of downloads remain limited. These apps claim to provide free adult content and thereby attract large number of users. They include numerous links to adult-related sites, but a couple of similarly-camouflaged links within these apps lead people to fraudulent sites that attempt to trick people into paying a fee (typically around US $1000) without properly signing them up for the paid service. Camouflaging malicious links with legitimate ones helps the apps to stay hidden from security checks. The bad links also lead to a redirector URL that then directs the apps to open whatever sites the redirector is configured with which allows scammers to easily modify where the apps ultimately lead to on the server side if they are under suspicion of being involved in any malicious activity.
While app stores allow users to easily search for and download apps, risks of getting fooled into downloading illegitimate apps is very prevalent. The Android OS has seemingly become a popular platform for hackers to publish fraudulent apps containing malwares like SMS Trojans and spywares. Last year, 100,000 Android devices were reportedly infected by a particular type of malware, raising serious concerns about the stability and security of Android OS.Infections can also be of varying degrees: while some malwares render the devices useless, others can reveal information about a users’ location. Some malwares like SMS Trojans can make calls and send text messages without the users’ knowledge and leave the users with hefty phone bills while others run in the background and record financial information of transactions happening over the internet.
While iOS from Apple Inc. (NASDAQ:AAPL) uses more efficient malware preventing codes and strict screening of apps before they are put up on the store makes it less vulnerable to threats like these. Google should follow suit, in order to prevent malwares from infecting customers’ devices, and it should do it ASAP because if this continues, Google may lose out market share as people begin to question the software’s integrity.