Marble Mobile Security Labs Report: Communication, Social Media and News Mobile Apps
SUNNYVALE, Calif. – March 18, 2014 – Communication, social media and news mobile apps top the riskiest list of 34 Android app categories analyzed in the Marble Security Labs' Mobile App Threat Report, March 2014, announced today.
Based on an analysis of more than 200,000 Android apps in 34 categories during February 2014, Marble Security ranked these as the 10 riskiest mobile app categories:
- Social media
- News and magazines
- Media and video
- Travel and local
- Music and audio
Surprisingly, the lowest risk category was games, followed by app widgets and wallpapers.
"Our research proved that some mobile app categories put companies and consumers at more risk than others," said Marble Security Founder and CTO David Jevans. "Mobile threats are not just about malware. Even seemingly innocent apps can pose data leak risks as they feed information to advertising engines or hackers' servers, comb through contacts or emails, or exchange documents. Mobile security is a new and rapidly evolving field, and these findings help identify the categories that deserve the most scrutiny."
While consumers must be aware of which apps they install and how they disclose their information, companies must be diligent about which apps they allow on their employees' devices, as apps can pose a significant risk of data, credential and corporate information disclosure. Apps that may be acceptable to consumers can expose companies to data leaks or create the risk of advanced persistent threats (APTs) by mining corporate contact databases, phone call traffic and SMS traffic.
Here are some of the ways in which risky app behavior can pose a risk to consumers and businesses:
Health, fitness and lifestyle apps read user data – Health, fitness and lifestyle apps often poorly protect user data and privacy. This is presumably because developers of these apps want to learn as much about a user as possible in order to tailor fitness programs, as well as to offer other products for sale. However, this data mining can expose corporate data or address book information, which then leaves a company's control. In fact, some health, fitness and lifestyle apps display characteristics common to malware.
Communication apps more risky than previously thought – Communication apps can pose a risk to companies. Many of these apps mine the user's contact database. If those databases get data and updates from the corporate Active Directory, then apps can mine that data and send it to third parties over the Internet. These apps often mine phone call logs and SMS logs too. It can be very risky for businesses to allow employees to use communication apps on their devices that have not been analyzed, especially if their contact database is connected to a corporate directory.
Social media apps are among the riskiest – An analysis of more than 4,500 different social media apps determined that this category poses a high risk to companies, employees and individuals. Some social media apps are very well-behaved and pose little risk. However, there are hundreds of social media apps that expose users and their companies to data loss, account takeover and privacy violations. More than 100 social media apps exhibit behavior common to that of malware.
To determine and rank the riskiest types of apps, Marble Labs measured threats in these risk types:
- Privacy – These apps may leak user identifiable information to third parties
- Data Leakage – These apps expose companies to loss of data, such as files and corporate directory information
- Account Takeover – These apps exfiltrate or access user credentials, creating the risk that online accounts may be taken over
- Device Takeover – These apps expose data about the device and its network services that may result in device takeover or cloning
- Malware – Apps that are purely malicious are categorized as Malware
Marble Labs assigned a risk score for each of the five risk types, based on weighted scores of the permissions that an app requests, the APIs that an app can call, actual code execution of those APIs and whether sensitive data is actually sent from the device. Apps with risk scores two or more standard deviations above the group's mean were judged as exhibiting risky behavior, and the categories were ranked by the percentage of these "risky" apps in each category.
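The scoring and ranking rule described above, sketched for a single risk type as an added example (not Marble's code or data). The weights, the signal counts and the reading of "group" as all analyzed apps pooled together are assumptions; the report's actual values are not given on this page.

```python
from collections import Counter
from statistics import mean, pstdev

# Hypothetical weights for the four signals the report names
# (assumption: the real weights are not published on this page).
WEIGHTS = {"permissions": 1, "apis_reachable": 1, "apis_executed": 2, "data_sent": 4}

# Constructed signal counts per app, in WEIGHTS order.
QUIET = [(3, 2, 1, 0), (4, 2, 1, 0), (2, 2, 1, 0),
         (3, 3, 1, 0), (3, 2, 1, 0), (2, 2, 1, 0)]
SAMPLE = {
    "Social media": QUIET + [(8, 6, 5, 4), (9, 7, 5, 4)],
    "News and magazines": QUIET + [(3, 2, 1, 0), (7, 6, 5, 4)],
    "Games": QUIET + [(3, 2, 1, 0), (4, 2, 1, 0)],
}


def risk_score(signals):
    """Weighted sum of one app's signals for one risk type."""
    return sum(w * s for w, s in zip(WEIGHTS.values(), signals))


def rank_categories(sample, k=2.0):
    """Flag apps scoring >= mean + k*stddev of the pooled scores (assumed
    meaning of "group"), then rank categories by percent of flagged apps."""
    scored = [(cat, risk_score(sig)) for cat, apps in sample.items() for sig in apps]
    scores = [s for _, s in scored]
    sigma = pstdev(scores)
    threshold = mean(scores) + k * sigma
    # With zero spread every app sits on the threshold, so flag nothing.
    risky = Counter(cat for cat, s in scored if sigma > 0 and s >= threshold)
    percent = [(cat, 100.0 * risky[cat] / len(apps)) for cat, apps in sample.items()]
    return threshold, sorted(percent, key=lambda row: row[1], reverse=True)


if __name__ == "__main__":
    cutoff, ranking = rank_categories(SAMPLE)
    print(f"risky threshold: {cutoff:.2f}")
    for category, pct in ranking:
        print(f"{category:20s} {pct:5.1f}% risky")
```

Because the threshold is relative to the pooled distribution, a category is ranked by how many of its apps are outliers, not by its average score.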
More information on the findings and methodology is available online in the full Mobile App Threat Report, March 2014.
About Marble's Mobile Security Platform
Marble's mobile security platform is a next generation cloud service that combines advanced functionality with essential mobile app management (MAM) and mobile device management (MDM) capabilities. Marble is defining the emerging mobile security management category, MSM, which goes beyond MAM and MDM with advanced features like app scanning, secure browsing and real-time cyberthreat protection.
Enterprises are now faced with the reality that traditional MDM solutions do not protect their mobile programs. At the same time, mobile malware and phishing attacks have more than doubled, increasing the risks to enterprises from BYOD and mobile access. Marble addresses these problems directly with the MSM capabilities in its next generation mobile security platform that includes these elements:
- Marble Messenger allows encrypted messaging on mobile devices with an auto-destruct feature
- Essential MDM is for organizations that have not yet deployed MDM or are looking to replace their existing MDM solution with a more secure, less expensive, all-in-one solution
- Essential MAM allows corporate apps to be remotely provisioned, updated, blacklisted and deleted
- Mobile App Scanning/Device Security features actively protect against malware, unauthorized data access and phishing while enforcing security policies
- Secure, Hosted VPN that isolates users from network attacks like man-in-the-middle, re-directs, poisoned DNS, phishing and wireless eavesdropping
The Marble mobile security platform lets administrators, via the cloud, set and enforce risk-based policies, control mobile security through dashboards and run risk analytics and compliance reports. More information about Marble is available at www.marblesecurity.com or by calling (408) 737-4300.
About Marble Security Labs
Marble Security Labs dedicates resources to discover and track rapidly evolving mobile security threats facing enterprises and their workers. The research supports the Marble mobile security platform, which actively scans mobile devices and has built-in dynamic security analysis, detection and prevention against mobile security threats. Marble Security Labs currently focuses on five critical threats: jailbreak/jammer – detection and protection; dynamic app analysis of behavior; static app analysis; poisoned and malicious DNS; and phishing site detection. Resources from Marble Security Labs include podcasts on mobile security, the Marble Security blog and Marble ThreatWatch, delivering the latest news, commentary and strategies for mobile security.
About Marble Security
Marble Security, Inc. offers a mobile security cloud service that protects against the ever-changing threats unleashed into enterprises by mobile devices. Simple to use and deploy, the Marble cloud service includes patented, adaptive protection to eliminate risks to corporate data, networks and applications. Criminals, competitors and hostile governments target enterprises and end users with an ever more sophisticated array of attacks. The BYOD workforce is particularly at risk. Marble secures enterprises from mobile workers' access to corporate and public networks and cloud services on Android and iOS mobile devices, offering more comprehensive protection than any other solution on the market.