Quran and Bible apps have been shown to be a target for cyber-criminals, says a new report from Proofpoint, a California based SaaS company. It showed that many Bible and Quran apps engage in highly risky behaviour with some even infected with malware.
The SaaS company reviewed 5064 religious apps only to find that nearly 350 of them either contained malicious code or engaged in high risk behaviour. The report notes that “many Bible apps do not have privacy policies, which is fitting since many apps send data about the user to a variety of countries, with some apps communicating to over fifty servers.” The report added, “Some have added a wide variety of advertising and social networking capabilities, dramatically increasing the risk exposure of users.”
The Quran, the Islamic holy text, suffered from similar vulnerabilities, albeit fewer. Of nearly 5000 analysed apps, 16 contained malicious code and a considerable number engaged in risky activity. Apps that provide the Torah, the main holy scripture of Judaism, did not suffer from the same relatively high incidence of malware.
The risky apps, Proofpoint classifies as riskware: apps that communicated with many external servers and risk infection through that communication though they ‘look' legitimate. Proofpoint notes that such ‘riskware' often masquerades as a legitimate app but can “can steal user information, track browsing, access contacts and calendar, and make unauthorised calls: a steep price to pay for a ‘free' app.”
The report also showed, perhaps unsurprisingly, that mobile gambling apps were replete with malware. It analysed 23,000 card game apps (roughly three quarters of which were on Android and the last quarter on iOS). Of those, 52 apps contained malicious code, another 379 were deemed high risk and 3200 were of moderate risk. A total of 14 percent of the gambling apps Proofpoint analysed engaged in some kind of risky behaviour.