Malware vs. Insecure Apps

From scammy apps charging for what is actually free, through money-extorting ransomware, to banking malware capable of emptying bank accounts – it is no question that malware poses a serious threat to Android users. However, users can protect themselves against mobile malware quite efficiently: those who follow mobile security best practices and use a reputable mobile security solution are practically safe from the abovementioned threats. Insecure apps are much harder to protect from while being no less of a threat. The poll ESET’s Lukáš Štefanko organized on his Twitter shows that users are aware of this:

Question: What do you think mobile users should be more afraid of? Considering their security and privacy.

As insecure apps cannot be blocked by security solutions, it is up to users to protect themselves. The problem is that from the user perspective, it is hard to tell insecure apps from secure ones. No clear rules apply here because apps come in too many flavors to fit into simple criteria or patterns. What can help in such a situation is a healthy level of suspicion based on a general knowledge about how apps are developed, what their business models are and what the overall ecosystem looks like. The goal for the Android App Watch blog is to provide users with information and insight to be able to do right choices about their Android apps.

All discoveries published at Android App Watch were previously shared with the particular developer. We stick with principles of responsible disclosure; our disclosure deadline is 90 days. 

ESET in numbers

110m+
users worldwide

400k+
business customers

200+
countries & territories

13
global R&D centers