App stores are increasingly becoming a major security worry

News
By published

Researchers are finding new malware in popular app stores

A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
(Image credit: Brett Jordan / Pexels)
  • Gen research claims malicious apps on major app stores are on the rise
  • New banking trojans, predatory loan apps, and similar, have been spotted
  • Official app stores are still a safer bet than third-party ones

App stores are becoming an increasingly major security concern, as more and more malicious apps are discovered in stores owned by major brands, experts have warned.

A new report from cybersecurity researchers Gen claims it observed new mobile bankers (phone applications designed to steal banking information) launched in the fourth quarter of 2024, often disguising themselves as Visa apps, dating apps, or Chrome browsers. Gen added that the well-known BankBot banker compromised 236% more devices compared to the previous quarter.

Besides banker apps, malicious loan apps surged as well, the researchers said. These promise quick money, but demand excessive permissions (SMS, photos, sensitive data) which they later use in extortion, threatening to publish victim data unless they pay up.

Generally safe

Gen also noted cybercriminals are adopting novel distribution tactics in app stores. Recently, they discovered a new malware strain disguised as a Body Mass Index (BMI) calculator. The app was spread through the Amazon App Store.

Major app stores like the Apple App Store, Google Play Store, and Samsung Galaxy Store are generally safe because these companies invest heavily in security measures to protect users. They use automated malware detection, manual app reviews, and strict developer policies to prevent harmful apps from reaching their customers.

Features like Google Play Protect scan apps in real-time, while Apple’s notarization process ensures apps are vetted before approval. Regular security updates, user reporting systems, and app removal policies further enhance safety.

Obviously, no platform is completely risk-free. We’ve seen malicious apps make their way into these stores in the past, and we’ll probably see them in the future, as well. However, these app stores provide a significantly safer environment than third-party or unofficial sources.

You might also like

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
mobile phone
Popular Android financial help app is actually dangerous malware
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
In this photo illustration a Google Play logo seen displayed on a smartphone.
Over 2 million risky Android apps were blocked from the Play Store last year
Latest in Security
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
Latest in News
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is about to make a major announcement about the MCU, and nobody's sure what it'll be
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Image of Naoe in AC Shadows
Assassin's Creed Shadows best graphics settings for PS5, PS5 Pro, and Xbox Series X
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
Group of people meeting
Inflexible work policies are pushing tech workers to quit
More about security
Representational image depecting cybersecurity protection

Third-party security issues could be the biggest threat facing your business
Android Logo

Devious new Android malware uses a Microsoft tool to avoid being spotted
Nintendo Switch Lite

Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
See more latest
Most Popular
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
Image of Naoe in AC Shadows
Assassin's Creed Shadows best graphics settings for PS5, PS5 Pro, and Xbox Series X
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is about to make a major announcement about the MCU, and nobody's sure what it'll be
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Group of people meeting
Inflexible work policies are pushing tech workers to quit
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Thursday, March 27 (game #655)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Thursday, March 27 (game #389)
Youtube
YouTube Premium could be getting a new time-saving perk, showing you recommended videos directly in your playback queue