Fake versions of real smartphone apps are being used to spread malware. Here's how to stay safe

Cyber criminals are copying legitimate smartphone applications and injecting them with malicious code to spy on users and steal personal data including bank information, passwords, photos and more.  

According to cybersecurity company Pradeo’s Mobile Security Report 2022, there are more than 700 websites which operate as third-party download stores outside of the official app marketplaces. 

Third-party app stores mostly cater for Android smartphone users, because the open nature of Google’s ecosystem means that it’s easier to download apps from outside of Google’s Play Store. But some of these third-party sites don’t check the content of apps, and some are specifically designed to for illicit purposes, providing cyber criminals with an avenue for tricking users into downloading malicious apps containing malware

In many cases, researchers warn, crooks are making direct copies of original applications, but tamper with the code to add malicious features. Often the copied apps claim to be offering users additional features or a premium subscription, but in reality they’re just knock-offs designed to steal data from victims. Some of the popular apps being faked to help spread spyware include streaming services, VPN providers and anti-virus software. 

SEE: Cybersecurity: Let’s get tactical (ZDNet special report) 

Cyber criminals often use phishing emails to direct

Read More: https://www.zdnet.com/article/cyber-criminals-are-repurposing-real-smartphone-apps-to-spread-malware-heres-how-to-stay-safe/#ftag=RSSbaffb68