Apps for personalizing Android phones led all categories as most likely to be malicious. The most downloaded malicious app in 2013 was Subway Surfer Free Tips.
For this survey, RiskIQ only counted Android apps in the Google Play store as malicious if they are/contain spyware and (SMS) Trojans that:
- Collect and send GPS coordinates, contact lists, e-mail addresses etc. to third parties
- Send SMS messages to premium-rate numbers
- Subscribe infected phones to premium services
- Record phone conversations and send them to attackers
- Take control over the infected phone
- Download other malware onto infected phones.
“Malicious apps are an effective way to infect users since they often exploit the trust victims have in well known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants. Our unique visibility directly into App Stores allows us to shine a light on this problem and prevent attackers from impersonating brands to exploit their customers,” Manousos added.