.jpg)
By Thiago Hyppolito, Intel Security Product Engineer
If you think there are over a million apps out there, you're probably not exaggerating. There are certainly more apps on the market than we can imagine, which makes it easier to predict that many certainly have security issues.
In September 2014, CERT (Center for Studies for Response and Handling of Computer Incidents) published a list of mobile applications that are vulnerable to man-in-the-middle attacks because they do not correctly validate SSL certificates. Months later, McAfee Labs tested the apps and found that among the top 25 most downloaded apps on the list that sent credentials over insecure connections, 18 were still vulnerable.
Application developers are more concerned with providing users with an attractive and convenient product than with security. Thus, many applications are made available without having secure connections, which ends up creating perfect conditions for hacker attacks; they enter the smartphone and manage to obtain data such as passwords, usernames, contacts, messages and other sensitive information.
Today hackers use toolkits to help them in their mission to break into mobile devices in an approach known as man-in-the-middle. This type of attack seeks to intercept data sent digitally and can also be executed via malicious applications.
The criminal can easily obtain passwords, credit card numbers, Facebook login information, etc. Once the hacker gets all this information, he can do just about anything, including getting a line of credit in the victim's name, making purchases with card numbers, or simply changing social media account information.
Threats on mobile devices are becoming more and more pervasive, especially through apps. McAfee Labs' latest threat report found a 49% increase in mobile malware in the first quarter of 2015 compared to the previous quarter. The number of malware for mobile devices currently stands at nearly 7 million.
Some simple actions can help the user to prevent the problems caused by malicious applications:
• Keep up to date – Look for information about scams and fake apps to stay tuned. Know that mobile malware is on the rise and is also spread via malicious apps.
• Search about apps – Read reviews from other users and check app ratings before downloading.
• Check your sources – Only download apps from known and trusted stores.
• Observe permissions – Check out what each app is accessing on their mobile devices and make sure you agree with it. There are solutions on the market that can scan applications and inform the user when an application requests more data access than is normally required.
• Secure your devices – Install a comprehensive security solution on your mobile devices to keep them safe from harmful apps.
EN 
PT 
