Network Security, Vulnerability Management

Study: Apple, Android should better vet app stores, notify users of ‘dead apps’

Apple and Google should do a better job vetting the applications in their respective app stores and should notify users when they have “dead apps” on their devices, after a recent study found that 26.95 percent of enterprise devices had at least one dead app.

To prevent dead apps,  those that have been removed from app stores but remain installed on the user devices, vendors need to prevent malicious apps from ending up in their stores the Apple App store and Google Play stores in the first place, according to Appthority's Q2 2016 Enterprise Mobile Threat Report

Researchers found 962 Apple apps infected with JSPatch on enterprise customer devices and in the official iTunes App Store. The JSPatch framework contained backdoors that allow an attacker to add malicious code to an app without a user's knowledge, the report said.

The study revealed that 0.65 percent of enterprise devices had at least one app containing the JSPatch framework.

It also noted that several Apple applications had been exploited by the AceDeceiver trojan app that acts as a phishing attack to collect and encrypt a user's credentials.

Google has done a better job securing the Android ecosystems by detecting malware in its app stores, the report said, but fared poorly in terms of discovering vulnerabilities and having an easy method to update systems when bugs are found.

Only 4.6 percent of Android devices worldwide have updated to Marshmallow Android operating system within six months of its release, the researchers discovered.

Appthority President and Co-founder Domingo Guerra told SCMagazine.com that Apple and Android enterprise security pros should be made more aware of dead apps and knocked Apple's approach.

“Apple has been relying on manual testing and a lot of iOS malware uses contaminated versions of third-party SDKs (software developer kits),” Guerra said. He said that many of the infections are the result of apps that were previously approved becoming infected in latter updates.

He said it appears that Apple isn't doing a good enough job vetting previously approved apps and as a result hundreds of previously approved and renewed apps were being infected.

Apple and Android makers need to work toward developing a system that notifies users when a malicious app has been removed from the app store but is still on a user's device, Guerra said.

Users are putting themselves and their enterprises at risk when they “download apps that they think are safe but turn out to be malicious” because they present a “large blind spot” in security, he said.

iOS malware breaches have become “more of a trend than an anomaly” while android security updates are only leaving many behind and only “benefiting a smaller number of people,” Guerra said.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.