Threat Analysis: Third Party Apps

Locked-down

Bypassing security in computers can be as easy as tricking someone into downloading something that they should not. This is especially true of third party apps.

Third party applications are programs written to work within an operating system but not created by the makers of that operating system. In short, they were not created by one of the big three: Microsoft, Apple, or Linux.

These applications can be standalone, like the YouTube app, or they can be plugins that add functionality to another program, such as AdBlock for the Chrome web browser. This means that the majority of programs, including most anti-virus programs, firewalls and multimedia programs, are third party.

Theoretically speaking, using third party applications can lessen the number and extent of potential vulnerabilities in a system when used to isolate certain functions, such as email, from other applications in the system. The problem is that many third party apps do not isolate themselves. Instead, many want access to other parts of the system.

Many applications are transparent and innocuous in their requests for access, like a photo-alteration program wanting access to your camera and photos. These requests are necessary for the program to work. Other applications are not. One example is ransomware, a malicious program that gains administrative access to the system to “lock” your keyboard or computer and prevent you from accessing your data until you pay a ransom.

One such ransomware is an app called Porn Droid. Porn Droid masquerades as an app for viewing adult videos. The underlying malicious code is known as a LockerPin Trojan, which activates the device's administrator privileges in a hidden underlying window. The malicious code uses this access to take a picture of the user, lock the system, and display a message directing the user to send money in the form of Bitcoin to the maker.

Similar applications can be found in application download centers such as the Google Play store, which does not investigate all apps that it makes available for download. Even companies that have strict guidelines on what can enter the marketplace on their devices are susceptible. This has been demonstrated by the release of malware on the Chinese iOS store.

What we learn from these examples is that users must be wary of what they download onto their devices. Every application has the potential to harm the system for which it was downloaded. Good questions to ask before and after downloading an application include:

  • Do I really need this app?
  • Are there any negative stories about this app online?
  • Does this app really need these system privileges to properly run?
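The last question can be checked mechanically for an Android app. The sketch below is an added example, not code from the original post: it reads a decoded `AndroidManifest.xml`, lists permissions that fall outside what a reviewer expects for the app's stated purpose, and flags any device-administrator receiver, the privilege the LockerPin Trojan relies on. The sample manifest, the package name, and the allowlist are constructed assumptions; a manifest taken from a real APK is in binary form and must first be decoded with a tool such as apktool.

```python
import xml.etree.ElementTree as ET  # for untrusted files, prefer defusedxml

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: decoded manifest of a hypothetical "video player" app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.videoplayer">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

# Assumption: what a reviewer decides a video player legitimately needs.
EXPECTED_FOR_VIDEO_PLAYER = {"android.permission.INTERNET",
                             "android.permission.WAKE_LOCK"}


def audit_manifest(manifest_xml, expected):
    """Return (unexpected_permissions, device_admin_receivers)."""
    root = ET.fromstring(manifest_xml.strip())
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    unexpected = sorted(p for p in requested if p and p not in expected)
    admins = []
    for rcv in root.iter("receiver"):
        # A device-admin receiver is guarded by BIND_DEVICE_ADMIN and
        # listens for the DEVICE_ADMIN_ENABLED broadcast.
        guarded = rcv.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN"
        actions = {a.get(ANDROID + "name") for a in rcv.iter("action")}
        if guarded or "android.app.action.DEVICE_ADMIN_ENABLED" in actions:
            admins.append(rcv.get(ANDROID + "name"))
    return unexpected, admins


if __name__ == "__main__":
    extra, admins = audit_manifest(SAMPLE_MANIFEST, EXPECTED_FOR_VIDEO_PLAYER)
    for perm in extra:
        print("unexpected permission:", perm)
    for name in admins:
        print("requests device administrator:", name)
```

A video player that asks for the camera, a draw-over-other-apps overlay, and device administration has no functional reason for any of the three, which is the mismatch the question above is meant to surface.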
