“If we needed further evidence that any legitimate-looking app has the potential to be mimicked, scammers have even created malicious and riskware versions of holy books. Proofpoint researchers analyzed holy book apps available on iOS and Android app stores and quantified the extent of the risk to users… and their personal and company data,” Proofpoint reports. “A Proofpoint sample of apps available on major app stores found that the Bible is the most popular of the holy book apps: a single Bible app has over 50 million downloads, three registered over five million downloads, and seventeen Bible apps have been each downloaded over one million times.”
Proofpoint reports, “Looking more closely at the apps themselves, Proofpoint analyzed over 5,600 unique Bible apps (4,154 for Android; 1,500 for iOS), including 208 that contain known malicious code and 140 classified as high risk based on their behavior, all for the Android platform.”
“Nor was the Bible alone in this regard: analysis revealed similar prevalence for malicious and high-risk Quran apps. At almost 4,500 unique Quran apps (3,804 for Android; 646 for iOS),” Proofpoint reports. “Sixteen of the scanned Quran apps contain known malicious code and another thirty-eight were classified as high risk (again, all for the Android platform), and a number of them communicate with as many as thirty-five servers. One of the ten most-downloaded apps is clearly riskware: installing itself as a boot-time app it communicates to thirty-one different servers; reads the user’s SMS messages; can send SMS messages from the user; and can look up the user’s GPS location. As a whole, the scanned Quran apps communicate data to 1,440 servers across thirty-six countries.”
Much more in the full article here.
MacDailyNews Take: Holy malware, fragmandroid!