2,000 Rogue Android Smartphone Apps Discovered Stealing Users' Data

New research has discovered as many as 2,000 rogue applications currently being used by hackers to illegally access smartphone customers' personal data.

Released earlier in November, research by technical professional association IEEE, reported that researchers had discovered malware on more than 2,000 free smartphone apps.

In the association's subsequent report, an IEEE fellow and computer scientist at the National Institute of Standards and Technology, Dr. Jeffrey Voas, suggested that free apps are the primary entry point used by smartphone hackers to break in.

"The issue with free apps is that you're paying a price you don't know about," said Voas. "Of free mobile applications, approximately 1 in 100 now visibly contain malware -- and that doesn't even account for the ones where the malware is so hidden it's impossible to spot. This number is growing by the day, and with most of these rogue apps offering good functionality for free, it's easy to be victimized."

IEEE went on to suggest that the high number of infected apps and smartphones was a consequence of a lack of understanding by the public regarding cyber-security.

"Unlike on a PC, where Web browsers often give plenty of warning about dodgy Web sites with warning lights and alerts, the screens on smart phones are too small to display this protection," said Dr. Madjid Merabti, IEEE senior member and professor of networked systems at Liverpool John Moores University, UK.

"These devices contain identifying information, potentially saved passwords and authentication details, and are much more likely to be misplaced or stolen than other larger portable computing equipment."

Looking to the future, the IEEE prophesied that the number of malicious apps would continue to grow.

"[W]ith the number of smartphone users now representing approximately 20 percent of the mobile market, we will now see an explosion in smartphone attacks, both by technical experts and by novices buying tools from dark websites and conducting low-tech but effective scams. It only takes a couple seconds to steal personal information," said Kevin Curran, a senior member of the IEEE and head of the School of Computing and Intelligence Systems at the University of Ulster.

At the time this article was written the IEEE had not responded to requests for comment regarding how it carried out its research or the exact figures it recorded.