EXPERT FORECAST
with functionality they can’t get on the official app stores. Yet these unofficial app stores – as mentioned – are packed with malicious apps masquerading as legitimate ones, just waiting to infect unsuspecting users. Most of that – 73% – will be riskware, which introduces spyware, adware and other unwanted programmes along with the desired application. A smaller proportion – 11% – will be trojans pretending to be legitimate apps and a further 10% are pure malware, meant to do nothing else but steal or destroy. In fact, the GMTR shows that users who sideload apps are 200% more likely to have malware on their devices.
On top of that, Zimperium has reviewed its collected data on the malware found in these sideloaded applications by extracting the unique hashes of those apps. Over half – 56% – of those hashes were from completely unknown threats.
The problem doesn’t end there. In order to actually go through the process of sideloading an app onto a device, users often have to jailbreak their own devices, overriding those phones’ inbuilt security controls and actually weakening the devices’ resilience against threats. to roll out apps quicker. It’s important to note that sideloading applications is often carried out for legitimate reasons and even companies like Amazon once had to ask users to sideload their proprietary apps.
Sideloading is simply a way of loading applications from unofficial sources. It sounds innocent enough and the people who do it certainly don’t intend to harm themselves or their employer. But therein lies the problem – sideloaded apps are an easy way to smuggle malware onto a phone and thus exploit the user and everyone they associate with.
The sideloaded app ecosystem
In fact, cybercriminals are anticipating exactly these kinds of opportunities. Official app stores – such as the Google Play Store – are replete with vetting processes and security controls that ensure the trustworthiness of the apps they allow on there. The rules are there for a reason – and although that might seem overly restrictive to many – they generally keep users safe from malware and malicious intrusion.
That is too restrictive for many, who go to unofficial app stores to find apps
From that point of view, it’s quite easy to see how sideloading can become a serious risk for a sector, especially one that handles proprietary information, intellectual property and capital on the scale that the financial services sector does. Corporate spies and cybercriminals will be actively looking for targets in this sector, seeking valuable targets to exploit. Financial services is also a highly regulated sector and the theft of valuable personal data or proprietary secrets may well invite compliance penalties.
Sideloading is a problem everywhere. The European Digital Markets Act has now compelled Apple to accept unofficial app stores on its devices. While well intentioned – this will likely heighten the risk profile for devices across all sectors.
The financial services sector may engage in sideloading for good reasons, employing proprietary technologies which aren’t meant for public use, but
www.intelligentfin.tech