Over 150 US election-related mobile apps found to be dangerous or malicious

Edward G. | January 27, 2021

The COVID-19 pandemic has forced many people to turn to the internet for information about the elections. Moreover, a large part of the population voted digitally. This shift created countless new attack vectors for cybercriminals.

According to data presented by Atlas VPN, over 152 US election applications have infringement issues, and 16 mobile apps have malicious code within them.

Fortunately, RiskIQ, a cybersecurity company based in San Francisco, California, delved deep into the mobile application landscape to figure out how many apps are dangerous to voters. In total, the research found 186 US election apps, out of which 152 were deemed fraudulent or malicious. That is, these apps claim to be authorized by the government or by the State, but in reality, they are not.

What is more, 16 applications even have malicious code inside them, turning them into a powerful tool for hackers.

Data also reveals the geographical location from which the application originated.

Not surprisingly, most election applications originate from within the US. The good news is that it is easier to submit a complaint and take down these malicious services if they are in the US. On the other hand, if the application is in a foreign state, it might prove difficult to take it down in a timely manner or at all.

For example, 17 applications are placed in stores that are registered in Hong Kong. Similarly, 14 infringing mobile election services are available in China’s app stores or websites.

Also, 10 applications are distributed from Panama — a country with loose digital privacy regulations. The Netherlands and the United Arab Emirates are also among the top six countries by infringing app location.

Application stores are spread all around the world and are subject to different rules and regulations. For these reasons, it is easier for scammers to release an unofficial service in one country than in another.

What are infringing apps?

Infringing apps mimic the official ones for a variety of reasons. Here are the four main issues with unofficial election applications:

  • Fraudsters collect personal data in an infringing manner. For example, they collect too much personal information or collect data even without disclosing that they are doing so.
  • Requiring unreasonable permissions to use the application. In this case, an application requests or requires the user to give away access to their sensitive data without any real necessity. These permissions include access to phone contacts, gallery images, and so on.
  • Purposeful restrictions of the user’s rights. Here, scammers hide the option to cancel a paid subscription, remove their accounts, and apply many other limitations along the same lines.
  • Finally, after gathering information about the user’s activities, malicious actors can disclose data to third parties for financial gain. Unfortunately, there are companies and other ill-meaning third parties that pay to get sensitive information about consumers.

Who’s the most vulnerable target?

Which consumers should watch out for these threats the most? Firstly, the investigation reveals that most infringing applications are aimed at Android users: they make up 95.6% of the total dangerous apps detected.

What is more, applications are distributed throughout various app stores and websites. These distributors can be grouped into four main categories — official, secondary, affiliate, and hybrid stores.

Official stores are authorized, large-scale suppliers. The main ones are Google Play Store, Apple App Store, and Samsung Galaxy Apps Store.

Naturally, these stores have the best security practices. Research data shows that only 1.2% of dangerous election applications are from official stores.

In contrast, secondary stores have more than half (50.5%) of the infringing apps. More often than not, secondary stores have loose cybersecurity measures: the owners of those stores do not pay close attention to whether or not the official owner submits the application.

Second place goes to hybrid stores, containing more than a third (34.6%) of these fraudulent services. Hybrid store architecture is a mix between those of the official and secondary stores.

Important security guidelines for users

Since these malicious election-related applications are unauthorized, with some investigation, you can figure out if they are legitimate or not. While the current elections are over, keep these tips in mind during the next ones and when dealing with mobile apps in general.

  • Only use official app stores. A large number of fraudulent apps are distributed through third-party mobile app stores. Those stores have insufficient security measures, allowing cybercriminals to spread scams without jumping through too many hoops.

    Yet, as history shows, even official app stores are not perfect. Countless malicious apps have been taken down from official stores only after they had been available to download for months.

  • Limit permissions as much as possible. Does an application used for election purposes really need access to your contacts? Whenever possible, decline all permissions. If you cannot use the app after rejecting permissions that, logically, should not affect the functionality, then a huge red flag should go up.
  • Be aware of the fact that reviews on app stores can be faked. You might see an application having hundreds of 5-star reviews and comments, but scammers can fake all of these without too much hassle.

John C.

Edward G.

Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.
