Eight in 10 US election apps weren’t legitimate
Most were unofficial, but 16 out of 186 contained malicious code.
Donald Trump’s claims of election fraud were and continue to be completely fictitious – but while bad actors did not try to steal the election, they did try to cash in on interest in it, launching attacks designed to make money from victims. An analysis of 186 US election-related apps by AtlasVPN and RiskIQ, which carried out the survey, found that 152 of them were fraudulent or malicious.
Put simply, many of the apps claimed to be authorised by federal or state governments but were in fact the work of unaffiliated third-party developers. Sixteen of the 186 (just under one in 10) contained malicious code, a reminder that cybercriminals are constantly looking for ways to trick people into handing over personal data.
The largest single group of the apps (87 of the 186) were developed and based in the United States, meaning they could in theory be taken down from app stores more quickly, but a number of them – including all of those that contained malicious code – came from Hong Kong or China.
“Application stores are spread all around the world and are subject to different rules and regulations,” explained AtlasVPN in a blog post. “For these reasons, it is easier for scammers to release an unofficial service in one country than in another.”
Four main issues with unofficial apps
According to the analysis, the apps were abused in four ways. The first was over-collection of personal data beyond what the app needs in order to function, without disclosing how much is being gathered. The second was demanding unreasonably broad permissions as a condition of using the app. “In this case, an application requests or requires the user to give away access to his sensitive data without any real necessity,” AtlasVPN said. “These permissions include access to phone contacts, gallery images, and so on.”
The third was pushing users into paid subscriptions and then hiding the option to cancel them, and the fourth was harvesting details about users that could be sold on to third parties for profit.
“Unfortunately, there are companies and other ill-meaning third parties that pay to get sensitive information about consumers.” – AtlasVPN
Almost all of the infringing apps listed in primary app stores were for Android: 95.6% of those were found on the Google Play Store or similar platforms, where app review is believed to be far more lax than in Apple’s App Store. More than half of the apps, however, were distributed through secondary stores, unofficial platforms with even fewer security measures.
Double-check provenance of apps
The advice from security researchers is clear: avoid secondary stores like the plague, and always double-check what you’re downloading. “Only use official app stores,” AtlasVPN advised. “A large number of fraudulent apps are distributed through third-party mobile app stores. Those stores have insufficient security measures, allowing cybercriminals to spread scams without jumping through too many hoops.”
You should also use common sense: does an election app need all your personal data, or access to your photo library and other areas of your device?
Where possible, grant apps as few permissions as you can get away with – and if an app demands far more than it plausibly needs, don’t use it; find a less intrusive alternative.
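One concrete way to act on the permissions advice above, and to spot the “unreasonably broad permissions” pattern the analysis describes, is to audit what an app’s manifest actually asks for before you trust it. The following is an added example written for this article, not code from AtlasVPN, RiskIQ or any app the report discusses: it parses a decoded AndroidManifest.xml (the kind produced by apktool; the manifest here is a constructed sample) and flags runtime (“dangerous”) permissions that go beyond a hypothetical baseline for a polling-place lookup app. The baseline, the permission labels and the package name are assumptions made for illustration.

```python
"""Audit an Android app's requested permissions against what its stated purpose needs.

Added example for this article (not code from the AtlasVPN/RiskIQ survey).
Input is a decoded AndroidManifest.xml such as apktool produces; the one below
is a constructed sample for a fictional election-guide app.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Runtime-prompt ("dangerous") permissions that expose personal data, mapped to
# a human-readable label. Illustrative, not an exhaustive list.
DANGEROUS = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.WRITE_CONTACTS": "contacts",
    "android.permission.READ_EXTERNAL_STORAGE": "storage/gallery",
    "android.permission.READ_MEDIA_IMAGES": "storage/gallery",
    "android.permission.ACCESS_FINE_LOCATION": "precise location",
    "android.permission.ACCESS_COARSE_LOCATION": "coarse location",
    "android.permission.READ_SMS": "SMS",
    "android.permission.RECEIVE_SMS": "SMS",
    "android.permission.READ_PHONE_STATE": "phone identity",
    "android.permission.READ_CALL_LOG": "call log",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.CAMERA": "camera",
    "android.permission.GET_ACCOUNTS": "device accounts",
}

# Hypothetical baseline (an assumption for this example): what a polling-place
# lookup / election news app plausibly needs and nothing more.
ELECTION_APP_BASELINE = {
    "android.permission.INTERNET",
    "android.permission.ACCESS_NETWORK_STATE",
    "android.permission.ACCESS_COARSE_LOCATION",  # find the nearest polling place
}

# Constructed sample manifest; the package name is fictional.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.electionguide">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission-sdk-23 android:name="android.permission.GET_ACCOUNTS"/>
</manifest>
"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared in the manifest."""
    root = ET.fromstring(manifest_xml)
    names = set()
    # <uses-permission-sdk-23> is the same request, only applied on API 23+.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for element in root.iter(tag):
            name = element.get(f"{{{ANDROID_NS}}}name")
            if name:
                names.add(name)
    return names


def audit_permissions(manifest_xml, baseline=ELECTION_APP_BASELINE):
    """Map every permission outside the baseline to its label ('normal' if not dangerous)."""
    excess = requested_permissions(manifest_xml) - set(baseline)
    return {perm: DANGEROUS.get(perm, "normal") for perm in sorted(excess)}


def verdict(findings):
    """Summarise an audit: 'ok' or a count of unneeded dangerous permissions."""
    dangerous_count = sum(1 for label in findings.values() if label != "normal")
    if dangerous_count == 0:
        return "ok"
    return f"suspicious: {dangerous_count} unneeded dangerous permission(s)"


if __name__ == "__main__":
    findings = audit_permissions(SAMPLE_MANIFEST)
    for perm, label in findings.items():
        print(f"{perm:55s} {label}")
    print(verdict(findings))
```

The dangerous-permission table is illustrative rather than exhaustive, and the baseline should be tailored to what the app claims to do; the same approach works for iOS by reading the usage-description keys in an app’s Info.plist.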
Likewise, be aware that positive reviews do not necessarily reflect what an app actually does.
Reviews are easily faked and exist precisely to lend an app credibility. Look beyond the app store for independent reviews or discussions of the quality of the app in question.