Fake apps and Cloned Apps

Fake mobile apps are Android or iOS applications that mimic the look and/or functionality of legitimate applications to trick unsuspecting users to install them. Once downloaded and installed, the applications perform a variety of malicious actions. Some fake applications are built to aggressively display advertisements to rake in ad revenue, other apps are designed to harvest credentials, intercept sensitive data, divert revenue or infect devices.

Another and more disconcerting strategy consists in cloning existing apps and adding malicious code. Unprotected mobile applications can be reverse engineered in just minutes. Once an attacker has access to the source code of an application, he can tamper with and repackage it. The cloned application looks exactly like the original and has the same functionality, but also performs malicious activities. A good example of this is the clone of the Facebook Lite application of March 2017, designed to infect devices with malware.

Why Fake/Cloned Apps are risky

The widespread usage and integration of mobile devices and applications into all spheres of society has helped establish fake apps among today’s biggest cybersecurity threats. According to the McAfee Mobile Threat Report 2019, nearly 65,000 new fake apps were detected in December of last year alone— over 6 times the amount reported in June 2018.

Fake/cloned apps can be distributed in multiple ways. They are mainly hosted on third-party app stores or circulated through social engineering campaigns. Even official app stores are used to distribute fake apps, despite the security measures they have implemented.

Third-party app stores

Your mother may have told you to never take apps from strangers. No? It’s still good advice, especially when you consider the risks that come with downloading apps from third-party app stores.

Apple® AppStore and Google Play™ are the two biggest official app stores. You can go there to download mobile applications for your iPhone or Android device. However, Google Play isn’t available in all countries. So, many users in those countries would rely on apps that may be legitimate from another app store – a third-party app store.

Third-party app stores may not apply the same level of scrutiny toward the apps they allow to be listed in their app stores. Still, it can get tricky. Third-party app stores might offer plenty of safe applications. But there’s also a higher chance they might offer dangerous ones.

The stores might sell popular apps for cheaper prices, which may sound appealing. But that bargain buy can put user privacy at risk.

Fake/cloned apps are often seen from third-party app stores.

Protecting brands in a mobile-first world

Downloading a fake app can have severe consequences for the end-user. For that reason, end-users should avoid downloading from third-party app stores and be attentive to apparent signs of fraud (spelling mistakes in the description, a lack of user reviews, sloppy interface design, etc.) when downloading from an official store. But end-users are not the only victims of fake applications. Organizations can suffer substantial financial and reputational damage when their mobile applications are cloned and their brands associated with fraud.

To protect their brand, enterprises can take the following measures:

1. Provide legitimate mobile applications in trusted app stores only .Users will look for mobile applications associated with their favorite brands. Giving users easy access to legitimate applications through official app stores or trusted app stores can reduces the risk of them downloading fake applications.
2. Monitor mobile apps uploaded on third party app stores. Organizations can monitor the official app that is uploaded on third party app stores, even take them off the app store to reduce the potential risk of fake/cloned apps.
3. Protect mobile applications.Code hardening and runtime applications self-protection (RASP) effectively prevent mobile applications from being cloned and tampered with.