1. Home
  2. News
  3. Cybersecurity News

What phone apps say they do isn’t always true

Battery drainers, click frauders, and data scrapers continue their evil ways

Photo (c) stuartmiles99 - Getty Images
If this holiday season is anything like 2017’s, more than 400 million folks will be unwrapping phones. And what’s the first thing that people do with a new phone? Download apps!

As consumers have come to find out over 2018’s spate of personal data breaches, one can’t be too careful. For every Cambridge Analytica insurgence, there are a dozen more “click fraud” apps out there lying in wait.

Those apps pretend to be run-of-the-mill programs like, say, a game, but the purpose of those apps is to trick the user into downloading pop-up ads and, oftentimes, nefarious malware that will wreak all kinds of havoc.

Functionality, battery draining, and more

Sophos, a British security software company, found 22 apps in the Google Play Store that cause problems such as functionality issues, draining a phone’s battery, harming a smartphone by allowing pop-up ads, or trying to find a way to thieve and sell your personal data.

If those researchers are correct in their estimates, there are more than 2 million phones giving those apps the freedom to do their dirty deeds.

Here’s a list of those problematic apps discovered by Sophos:

  • Sparkle FlashLight

  • Snake Attack

  • Math Solver

  • ShapeSorter

  • Magnifeye

  • Join Up

  • Zombie Killer

  • Space Rocket

  • Neon Pong

  • Just Flashlight

  • Table Soccer

  • Cliff Diver

  • Box Stack

  • Jelly Slice

  • AK Blackjack

  • Color Tiles

  • Animal Match

  • Roulette Mania

  • HexaFall

  • HexaBlocks

  • PairZapf

If it walks like a duck and talks like a duck, well…

Just because an app says its function is one thing, that doesn’t really mean it is. Some apps operate under the smokescreen of, say, a game you can play; but in reality, they can contain code that instructs the app to retrieve other files.

Case in point is the Sparkle Flashlight app. That particular sneaky app was downloaded more than a million times before Google Play detectives deleted it on November 25. Nonetheless, if the app wasn’t deleted from a user’s phone, it still had the power to collect and share user data.

Doesn’t Apple and Google have your back?

There are more than 60,000 new apps added to the Apple and Google app stores every month. Try as they may, it’s a Herculean task to pore through the code of every single app.

"Although both Google and Apple offer a closed ecosystem for app distribution, and actively scan newly uploaded apps for snippets of code known to be malicious, their methods are not perfect," wrote Sophos' Chen Yu in the company's latest threat report.

“Malicious app developers have been gaming the system for years, and their malicious apps do appear in the Google Play Market and Apple App Store,” Yu said.

Warning signs to look out for

Internet talk show guru Kim Komando lists five things to be on the lookout for regarding apps: Surge in data usage, unexplained charges, sudden pop-ups, battery drain, and unwanted apps.

“To be safe, we're constantly warning you to not download apps from third-party stores. With stringent safety protocols, it's more secure to get apps from the Google Play Store,” wrote Komando.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.