Blacklisted apps increase 20%, attackers focus on tax-branded key terms

In 2018, global app spending hit $101 billion and is expected to surpass that this year. Mobile is a significant portion of the overall corporate attack surface where security teams often suffer from a lack of visibility.

For the second consecutive quarter, blacklisted apps increased with a 20% spike, accounting for over 2% of all apps in RiskIQ’s telemetry.

Q2 2019 key findings include:

• Despite the 20% increase in blacklisted apps in Q2, the number of blacklisted apps in the Google Play Store decreased by a dramatic 59%.
• The percentage of blacklisted apps relative to the total number of apps known also increased for the second-straight quarter, jumping from 1.95% to 2.1%.
• 2,554,616 apps have been detected, a nearly 11% increase in app downloads from Q1.
• Feral apps proved to be exceptionally dangerous, with a 51% blacklist rate.
• The research found 4,162,450 total apps matching tax-branded key terms in app stores around the world, with 30% of them, 1,221,070, blacklisted.

Malicious apps mimicking reputable, highly downloaded apps is a persistent problem. These tactics are successful because we recognize and make instantaneous judgments about visual stimuli.