A recent report released by Intel Security explained the intricacies related to mobile app collusion and indicated the presence of more than 5,000 versions of 21 consumer mobile apps containing colluding codes of malicious nature.
According to Intel’s McAfee Labs Threat report for the month of June, mobile app collusion threats that manipulate two or more apps to orchestrate attacks on smartphone owners are rising at an alarming pace.
As mentioned earlier, McAfee Labs has precisely observed such behaviour across more than 5,056 versions of 21 apps designed to provide useful user services such as mobile video streaming, health monitoring, and travel planning.
Explaining the main reason for these collusions, the report said the “failure of users to regularly implement essential software updates to these mobile apps”.
While it was considered as a theoretical threat for many years, colluding mobile apps have the capability to carry threatening malicious activities “together by leveraging interapp communication capabilities common to mobile operating systems.
“These operating systems incorporate many techniques to isolate apps in sandboxes, restrict their capabilities, and control which permissions they have at a fairly granular level,” said the research report.
McAfee Labs has identified three types of threats that can result from mobile app collusion—Information theft, Financial theft, and Service misuse.
Mobile app collusion requires at least one app with permission to access the restricted information or service, one app without that permission but with access outside the device, and the capability to communicate with each other.
Either app could be collaborating on purpose or unintentionally due to accidental data leakage or inclusion of a malicious library or software development kit. Such apps may use a shared space (files readable by all) to exchange information about granted privileges and to determine which one is optimally positioned to serve as an entry point for remote commands.
“Improved detection drives greater efforts at deception,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs group. “It should not come as a surprise that adversaries have responded to mobile security efforts with new threats that attempt to hide in plain sight. Our goal is to make it increasingly harder for malicious apps to gain a foothold on our personal devices, developing smarter tools and techniques to detect colluding mobile apps.”
The report suggests a variety of user approaches to minimize mobile app collusion, including downloading mobile apps only from trusted sources, avoiding apps with embedded advertising, not “jailbreaking” mobile devices, and most importantly, always keeping operating system and app software up-to-date.
