What is the most vulnerable app of 2021? Try to avoid these programs on your devices
As of 2021, the Google Play Store holds the 1st spot with an estimated 4 million apps available for download to Android users. The Apple App Store stands in 2nd place with around 2.4 million apps available to iOS users.
Neither company is able to security-audit every app that is uploaded to or available on its store, and that leads to a severe threat: it gives bad actors an opportunity to upload bogus/fake apps. These bogus apps are intended only to steal data as soon as the user installs them.
Moreover, the legitimate apps available to users also contain a lot of vulnerabilities and zero-days. Most of the time, these vulnerabilities and threats are unknown to their own developers.
However, both app stores have security reward programs, where pentesters and security auditors submit their findings about malicious or vulnerable apps.
Now, I will share an app that is considered the most vulnerable by a security auditor, who happens to be my friend. Additionally, I will also shed light on the programs that you must avoid at any cost on your devices.
My friend, who is a seasoned pentester, was working on a research project in collaboration with a security audit firm. The research aimed at discovering vulnerabilities in the top VPNs listed on the Google Play Store. He shared his findings with me as I also belong to the security community.
He and his team selected the top-rated and most downloaded free VPNs available on the Google Play Store. They audited around 20 of them and shared the vulnerabilities with their developers as well as with Google.
The most downloaded yet highly vulnerable free VPNs included:
- Tap VPN – 10M downloads
- Best Ultimate VPN – 5M downloads
- VPN Unblocker – 1M downloads
Now, you would be wondering: but what is the most vulnerable app of 2021? Relax, I will not fuel your curiosity any more. The answer is here:
SuperVPN Free VPN Client with more than 100M downloads is the most vulnerable app of 2021.
This is not a vague claim; it is based on the solid security audit findings of my friend and his team.
The scariest part is that by the time this vulnerable app was discovered, it was present on around 110 million devices. Hence, the personal data of those device users, which included credit or debit card details, bank account details, phone numbers, emails, private pictures and videos, recorded conversations, etc., had already been compromised, stolen and sold.
While digging deep into this, he discovered that stolen private photos and videos were available for sale on the dark web.
When I asked him why he labeled SuperVPN the most dangerous and vulnerable app, his answer was:
First of all, think about the purpose of a VPN; we use a VPN to secure our private communications over the internet. This means that a vast amount of critical data travels over a VPN channel. If the VPN itself contains vulnerabilities and can be compromised easily, what safety does it provide to us? Keeping user safety and security in view, I declared this app the most vulnerable and dangerous, as it can be life-threatening in some cases.
Besides that, users trusted SuperVPN due to its popularity and the secure channel which they believed it provided for communication over a public network. Therefore, users, without any hesitation, shared their personally identifiable information (PII) and other critical data over the VPN. Hence, this case is clearly a betrayal of user trust.
Alas, the vulnerability in SuperVPN allows attackers to intercept the communication channel and redirect the traffic towards their own malicious servers. They can then see the visited websites, usernames, passwords, photos, videos and messages.
The interception was possible due to a major flaw in its encryption scheme: the keys needed to decipher the information were present in the communication stream itself, so anyone who sniffed the traffic could decrypt it very easily.
My friend and his team disclosed this major vulnerability to Google via the Google Play Security Reward Program. Their findings were well founded, which is why they succeeded in getting the app de-listed from the Play Store.
Google has confirmed that SuperVPN, which has 100 million installs, has a vulnerability that allows for a critical MITM attack. On April 7, it was finally removed from the Google Play store.
Google Official statement
Next time you download a free VPN or any other free app from the Google or Apple store, remember the fact that “if it is free, then you are the product”.
The Google Play Store has again been hit by Joker malware. This malware was discovered last year by the Google security team, and Google removed an estimated 1,700 apps that were found to be compromised by it.
However, this Trojan horse has become active again. Initial reports of its return came out this year in February, when around 20 apps on the Google Play Store were found to be infected with Joker malware. But I am getting daily insights from the security community about the discovery of new apps infected with this Trojan. Along with Google, the Huawei AppGallery has also been hit by this malware this time.
You must be wondering by now what Joker malware is and how it works.
Joker malware is basically a Trojan horse and spyware that rides on legitimate apps. It infects legitimate and popular apps to gain access to user devices. The severity of this malware can be seen in the fact that it even manages to fool Google Play Store security. Moreover, a regular user can never tell that it is present on their device.
Now to how it operates:
- The moment Joker malware is installed, it immediately starts spying on your device, stealing data and sending it back to the attackers at a remote location.
- In addition to this, it steals money by signing users up for paid subscriptions without them ever knowing.
- It can also copy SMS messages, contact lists, and other personally identifiable information. This information is shared with the attackers, after which the user can be targeted with identity theft, fraud, and other malicious activities.
Fortunately, the Apple App Store is safe from Joker malware infections. Therefore, iOS users do not need to panic. But Google and Huawei users must be vigilant now.
Below, I list the top 15 most popular apps that I found in my research to be infected with Joker malware. You must check your devices for their presence, and if you find any of them, delete them immediately.
- Candy Cam
- Fast Magic SMS
- Free CamScanner
- Element Scanner
- Go messages
- Super SMS
- Travel Wallpapers
- All Good PDF Scanner
- Unique Keyboard- Fancy Fonts & Free Emoticons
- Direct Messenger
- Private SMS
- Blue Scanner
- Paper Doc Scanner
- Style photo Collage
- PIX Photo Motion Maker
These are some of the apps that have been discovered up till now. But other researchers are also actively digging through the Play Store, and every day the list gets updated. For now, be cautious of these apps.
In its latest research report, Dr. Web, a Russian antivirus maker, revealed that around 0.5 million Huawei Android devices are infected with Joker malware. They discovered that ten versions of this malware are present in different AppGallery apps.
Doctor Web’s virus analysts have uncovered the first malware on AppGallery―the official app store from the Huawei Android device manufacturer. They turned out to be dangerous Android.Joker trojans that function primarily to subscribe users to premium mobile services. In total, our specialists discovered that 10 modifications of these Trojans have found their way onto AppGallery, with more than 538,000 users having installed them.
The apps named in the report include:
- Fun Color: Color Touch Effects
- All-in-One Messenger
- New 2021 Keyboard
- Happy Tapping
- Happy Colour
- Funney Meme Emoji
- BeautyPlus Camera
- Color RollingIcon
- Super Keyboard
- Camera MX – Photo & Video Camera
Huawei users must be vigilant now and remove the above-mentioned apps from their devices. Otherwise, the 0.5 million figure would grow to 1 million and above in no time.
Image source – drweb.com
Vulnerable apps will continue to exist on app stores. The only solution is to make users aware of security and detection procedures, along with the importance of antivirus software.
Joker malware can be defeated by installing paid anti-malware and scanning your devices regularly. Moreover, always check the permissions an app asks for during installation. If an app asks for unusual device access and you do not really need it, uninstall the app.
To know about vulnerable apps in the stores, you have to actively follow the latest tech news and blogs. Otherwise, there is very little chance that you would learn about a vulnerable app present on your device.
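The permission check above, applied to the behaviour described for Joker earlier (copying SMS and contacts, signing users up for premium services), as an added example that is not part of the original article: it parses an Android manifest and flags permissions a wallpaper or scanner app has no business requesting. The sample manifest and the list of suspicious permissions are constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS

# Permissions that enable what the article describes for Joker: reading or
# intercepting SMS (used to confirm premium subscriptions silently), sending
# SMS, and copying contacts. Which permissions count as suspicious for a given
# app category is an assumption made for this example, not a fixed rule.
SUSPICIOUS = {
    "android.permission.READ_SMS": "read SMS messages",
    "android.permission.RECEIVE_SMS": "intercept incoming SMS",
    "android.permission.SEND_SMS": "send SMS (premium sign-up)",
    "android.permission.READ_CONTACTS": "copy the contact list",
    "android.permission.READ_PHONE_STATE": "read phone identifiers",
}


def declared_permissions(manifest_xml):
    """Return every permission name declared with <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return [el.get(NAME_ATTR) for el in root.iter("uses-permission")]


def flag_permissions(manifest_xml):
    """Map each suspicious permission the app declares to the capability it grants."""
    return {p: SUSPICIOUS[p] for p in declared_permissions(manifest_xml) if p in SUSPICIOUS}


# Constructed manifest for a hypothetical wallpaper app; not taken from any real APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallpaperapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>
"""

if __name__ == "__main__":
    for perm, capability in flag_permissions(SAMPLE_MANIFEST).items():
        print("UNUSUAL: %s lets a wallpaper app %s" % (perm, capability))
```

For an installed app, the same permission list is visible in the system Settings permission screen, or can be dumped from an APK with `aapt dump permissions app.apk` before feeding it to a check like this.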