Flappy Birds clones attract mobile malware at rapid rate
Copycats of popular apps are the current place of choice for cybercriminals to deposit malware capable of extracting data, sending text messages, and tracking users' geo-locations.
Mobile malware creators are increasingly disguising their exploits within seemingly legitimate apps, according to McAfee Labs' new Threats Report. One stark example of this, says the security firm, is that 79 percent of Flappy Birds clones contain malware.
McAfee Labs published its report (PDF) on Tuesday, which outlines cybercriminals' latest tactics on what they're doing to obtain information from people's smartphones and tablets. And, copies of popular apps appear to be their current target of choice.
The addictive Flappy Birds app was pulled by its creator from app stores in February, which meant a surge in clones of the game. According to McAfee Labs, much of the malware found on these copycats included ways for perpetrators to make phone calls, install additional apps, extract contact lists, track geo-location, and establish control over the device to let them do things like record, send, and receive text messages.
"We tend to trust the names we know on the Internet and risk compromising our safety if it means gaining what we most desire," McAfee Labs senior vice president Vincent Weafer said in a statement. "The year 2014 has already given us ample evidence that mobile malware developers are playing on these inclinations, to manipulate the familiar, legitimate features in the mobile apps and services we recognize and trust. Developers must become more vigilant with the controls they build into these apps, and users must be more mindful of what permissions they grant."
Besides an in-depth look at the ways cybercriminals deposit malware on imitator apps, McAfee Labs also looked into other trends in mobile malware. Other issues include the growth of suspicious URLs, which increased 19 percent since the fourth quarter of 2013; a boost in the kinds of mobile malware, which grew by 167 percent from 2013 to 2014; and, the fact that signed malware continues to be a popular form of attack -- seeing an increase of 46 percent in the first quarter of 2014.