661 blacklisted Bitcoin apps which leave users open to hackers
661 blacklisted Bitcoin apps which leave users open to hackers

Apps on Google Play and others could steal money and personal data from victims. App stores are hosting 661 blacklisted Bitcoin apps which leave users open to hackers, accoriding to a recently published report.

RiskIQ analysed 18,408 apps across 20 App stores - including Apple, Google Play, SameAPK and APKPlz. It found that by monitoring ten  of the popular Bitcoin Exchanges in the app title, it found a staggering 661 to be blacklisted by official cyber-security vendors (3.6 percent of total) - but still available for download by users. 

The top stores hosting these potentially dangerous apps were Google Play (272), ApkFiles (54) and 9Apps (52). RiskIQ's research showed almost 3 percent of apps with “Bitcoin exchange” in the title were blacklisted, as well as 2.6 percent using “Bitcoin wallet” and 2.2 percent listed as “cryptocurrency".

The company said that hackers behind the malicious apps, which have been blacklisted by one or more cyber security vendors, can trick users into handing over large sums of money or personal details for financial gain.

The rise in unofficial and potentially malicious apps across multiple app stores will alarm potential investors looking to buy into Bitcoins.

Fabian Libeau, vice president of RiskIQ, said anybody considering downloading such software to be extremely cautious and to research each app. 

“We are seeing threat actors around the world exploiting what is already a hostile currency in a lawless digital world," he said. 

"Before handing over any cash or personal data investors should carry out thorough research into the exchange and wallet apps they intend to use. By checking the developers name, user reviews and the number of app downloads, investors can measure the validity of an app and be more confident in their choice.”

He added that mobile apps are blacklisted for a variety of reasons, "from containing nuisance-ware such as unwanted ad servers to installing malicious code on the phone to harvest credentials or undertake other malicious activity."

"Because of the current popularity of cryptocurrencies, it's no surprise to find the number of blacklisted apps related to them is on the rise across many of the app stores," he told SC Media UK.

He added that users can protect themselves by looking at the developer name - does it look legitimate? If unsure, research it before proceeding. They should also look at the permissions it is requesting. "Do these look reasonable for the tasks the app needs to perform?" He said. Users should also look at the number of downloads if available as well as the reviews.

Lee Munson, security researcher at Comparitech.com, told SC Media UK that Google Play has had a problem with malicious apps for some time now due largely in part, it seems, to the inability of its automated software to spot dodgy code in a timely manner. 

"The fact that this situation persists also seems to imply that human checking of apps is not quite what it could be," he said. 

“With that in mind, businesses may do well to lock down mobile devices in such a way that only whitelisted apps can ever be downloaded, or so that a change request has to be made on a case by case basis for every single app the user wishes to install. If neither of those options are palatable, closing down Port 80 will go a long way in thwarting the specific risk presented by Bitcoin mining apps.

“The threat posed by such malicious apps is not as serious as that presented by more malicious code but the potential increase in electricity costs, reduced computing performance and lessening of hardware life are all valid reasons for concern.

Ilia Kolochenko, CEO of High-Tech Bridge, told SC Media UK that Cryptocurrencies became a valuable asset that can often be easily sold or exchanged for other goods. "Providing a relatively high level of anonymity, they are a perfect target for cyber-criminals. Therefore, we should expect to have more fraudulent and malicious apps targeting the digital currency audience," he said.

"Depending on the device, installed OS, granted permission, and applicable restrictions or MDM (if any), a mobile application can do virtually anything that a mobile application is technically allowed to do – from stealing sensitive data to placing unwarranted calls on paid numbers, etc," he added.