Rogue Applications

Global Security Insight

Rogue Applications

The smartphone app is a phenomenal success with a total download figure that is fast approaching 50 billion according to Getjar. There is however a potential downside as apps, particularly free applications and games, can collect and transmit personal information without people’s knowledge, violating their privacy, or be used to defraud the subscriber through premium SMS messages, auto-subscribe, international calls and even operator or on-board payment transfer mechanisms.

This leaves carriers caught between wanting to promote apps to drive stickiness and data usage, but at risk of having their subscribers become compromised, and having to handle increased customer care complaints.

Privacy Management

Rogue apps are capable of collecting information that can include Facebook ID, email address phone number, handset, country, city and GPS co-ordinates. The information may be transmitted over the internet to a range of advertising brokers and analytics firms - relatively innocuous recipients, but rarely, if ever, named explicitly within application terms and conditions. Some of the apps may be sending city or coordinate data for legitimate reasons but users are unlikely to be fully aware of the specific terms and conditions attached to its use. Having application vendors provide users with 27-page of terms and conditions documents is not the solution.

By implementing a level of network security that leaves their customers free to enjoy their smartphone experience unhindered, operators can step into the growing gap between users and their devices and provide a seamless, secure experience.

Rogue App Remediation

The Network Plus Protection Platform (NPP+) provides carriers with the tools to protect subscribers from exploitation by rogue apps. The NPP+ offers three levels of protection:

Identification of devices that are compromised, by the footprint of data and SMS requests known malware makes on the network;
Identification of new threats, through advanced behavioural algorithms monitoring the traffic within a carrier’s environment;
Remediation of the device, using either the MalwareDetect+ app to alert the user to a hostile application, interrupt redirection, or using an operator’s own MDM capability to remove the application.

By informing users when they are compromised, while simultaneously blocking the effects of the infection so the subscriber is protected from loss; an operator is able to reinforce the trust that subscriber has in the network.

GSIM 3 – Rogue Application research

Latest Blog Entry
Russian cyber criminals spreading Android toll fraud malware by SMS Posted: 07th February 2013 - by Ciaran Bradley MMS 9560 “I love you” fake MMS notification

Android premium rate SMS Trojans (aka toll fraud) is nothing new in Russia but typically it is distributed via fake Android marketplaces or unofficial app stores. In conjunction with one of our carriers customers we investigated malware that was promoted via SMS. In this attack spammers were targeting Russian consumers with a social engineering campaign that sent out tens of thousands of SMS with links to a website hosting mobile malware.
Read More.

SMS Abuse

SMS attacks continue to be a commercial threat, with Operators worldwide continuing to suffer the effects of SMS Fraud and Abuse on their networks. The majority of SMS abuse appears as legitimate SMS messages, bypassing the simple firewall gateways that operators have deployed to catch signalling frauds. Read More.
IP Reputation

A Clean IP Reputation is an increasingly important asset for Operators as mobile data services contribute a growing proportion and strategic component of Operator’s revenue. We find that spam typically comprises over 85% of all outbound email traffic, consuming valuable bandwidth in networks. The integrity of a network’s public IP address is crucial in ensuring that legitimate subscribers email can delivered, whilst addressing the challenges that virus and spambot infected subscribers bring. Read More.
Compound Threats

The rise in popularity of the smartphone means that it is fast becoming an attractive platform for sophisticated malware exploitation, with the real potential for criminal gain through use of SMS shortcodes and premium rate calls. When combined with the lack of public awareness of threats, and the implicit trust that mobile users have for mobile messages, smartphones are the growing medium of choice for abuse. Read More.
Privacy Risks

All subscribers are vulnerable to the issue of sensitive personal information being sent without a subscriber’s consent, and in many cases, knowledge. Read More.

AdaptiveMobile - Trusted Network Protection

Global Security Insight