Cybersecurity firm Avast, famous for their multi-platform Antivirus software, has taken to a blog post today to discuss the situation of fake apps in the Windows Phone Store and why the platform is becoming an attractive target for hackers and cyber-criminals.
To be clear, no virus was found on the Windows Phone Store. Instead, the Avast team uncovered 58 fake apps mimicking several global brands including Facebook, CNN, BBC and Whatsapp, made by 2 hackers under the name Ngetich Walter and Cheruiyot Dennis. The fake apps collect basic data about users and display location-based advertisements, while a number lead users to pages with forced purchasing requests. While not directly harming the system, these fake apps damage users’ privacy and are surely black spots on the reputation of the Store and Microsoft.
The blog post also details fake app makers’ monetization scheme, usually through ads click and misleading ads, as well as the motivation behind these apps. As Apple and Google continue to perfect the store algorithms and incorporating better security measures, their respective Stores are becoming increasingly hard target for hackers, prompting them to turn to less well-known third-party app stores like the Windows Phone Store, where fake apps can persists for weeks or even months before taken down.
The customer self-reporting feature has clearly shown its ineffectiveness in detecting these fake apps, so it suggests that in order to gain people’s trust in their app store and their platform, Microsoft needs to take matters into their own hands and improve things fast. Hopefully we will see improvements with Windows 10 Mobile, set for release later this year, and the unified Windows Store.
We’ve reached out to Microsoft for comment, we’ll update if we hear anything back.
Update: Microsoft did indeed respond:
Further reading: Apps, Cybersecurity, Microsoft, Windows Phone
We are aware of recent claims of “scam” or unauthorized versions of certain apps and games being sold in the Windows Store. We take claims of intellectual property infringement seriously and review them in accordance with our standard procedures. We also continue to review the content of our Store periodically as described in our blog post on the subject, as we work to deliver a great customer experience and provide fair and transparent developer policies and enforcement” – a Microsoft spokesperson