RiskIQ sees 130% growth in malicious mobile apps leveraging top UK brands

RiskIQ

Risks highlighted as malicious apps target businesses and their customers

LONDON, UK — 22 September 2016 — New research from RiskIQ, the leader in external threat management, reveals that the number of malicious apps leveraging top UK brands has grown by 130% year on year[1]. The study by RiskIQ, examined mobile apps owned by or leveraging the brands of 45 top UK companies across five vertical sectors, to give a snapshot of the threats facing UK organizations and their customers from 2015 to today[2].

RiskIQ discovered 107,367 brand-associated blacklisted apps, representing 43% of the total number of apps and found an increase of 131% over the past year. Blacklisting occurs when an app fails a virus scan by one or more of the major virus vendors or if it links to a URL or IP address that is a known source of malware.

The research was undertaken using RiskIQ’s global web crawling infrastructure and virtual user technology which inspects over 170 different mobile app stores daily, extracting and examining over 13 million mobile apps.

In addition to these malicious apps, the research also focused on the growth in the number of mobile apps, their distribution throughout the various primary and secondary app stores and the number of feral apps – mobile apps that exist on the internet but not in a recognized app store. Key findings include:

  • 248,701 brand-associated apps appeared in 2016 - the equivalent of 5,805 mobile apps on average per brand – resulting in a year on year growth of almost two-thirds (63%
  • Each brand examined had apps in an average of 80 different app stores, an increase of 32% since 2015
  • The number of feral apps increased by 165% in the past year, with the biggest growth taking place in financial services

The research exposes a significant increase in risk to both consumers and organizations. As the mobile app store ecosystem evolves, organizations across financial services, retail, travel, media and entertainment, and gambling face a challenging future when it comes to protecting their digital assets, their brand and their customers from the impact of cybercrime.

Although there are claims that many mobile app publishers are seeing their install rates slowing[3], the risk to businesses and their customers remains very real if not managed responsibly, with mobile downloads actually set to grow through to 2020[4].

Ben Harknett, VP EMEA, RiskIQ , said, “In our connected generation, we as consumers turn to our mobile apps for banking, gaming, shopping, travel advice and even to control aspects of our home such as the temperature or lights. This growing reliance comes with an expectancy that top brands will protect our digital existence. If a customer experiences malicious activity whilst using an app they think belongs to a business, the blame is sure to be placed on the brand itself – not on the rogue app. Organizations need to know what mobile apps are out there and which are putting businesses and their customers at risk,” concluded Harknett.

[1]2015 research undertaken in the month of June using the RiskIQ global crawling and virtual user infrastructure investigating the footprint of 45 of the top UK organizations across banking, retail, media and entertainment, travel and on-line gambling.
[2]2016 research undertaken in the month of August using the global crawling and virtual user infrastructure investigating the footprint of 45 of the top UK organizations across banking, retail, media and entertainment, travel and on-line gambling.
[3]http://uk.businessinsider.com/the-mobile-app-boom-is-over-2016-6
[4]https://www.idc.com/getdoc.jsp?containerId=prUS41240816