Mobile App Development 101 - Beware of Malwares (Mostly on Android)
Most people might think that mobile app development is a non-profitable enterprise, the numbers say otherwise (and the old saying states that numbers don’t lie).
Almost half a billion (429 million) mobile devices and connections were added in 2016. Smartphones accounted for most of that growth, followed by M2M modules. Global mobile devices and connections in 2016 grew to 8.0 billion, up from 7.6 billion in 2015. Cisco
Having said this, the market for Mobile App Development is enormous, don’t get frightened by the more than two million apps already floating on the appstores, there’s always room for better, more advanced and newer apps.
Checking some recent numbers…
- $3.1 Trillion in Revenue Generated by the Mobile Industry in 2015 (GSMA)
- This astounding figure represents 4.2% of the world’s global GDP. This was primarily driven by operators, whose total revenue exceeded $1 trillion. In its study, GSMA predicts this revenue to skyrocket to $3.75 trillion by 2020. (Source: GSMA.com)
- Roughly three-quarters of adult internet users across the 40 countries surveyed in 2015 say that they use the internet at least once a day, with majorities in many countries saying that they access the web “several times a day.” (Source: Pew Research Center)
- According to expandedramblings.com, there are 1.4 billion Android users, and Android has about 87.5 % of the global mobile operating system market.
- Apple has 18.7% market share, reported by DeviceAtlas.com
This means that if you’re in the mobile app development area, Android should be your primary target, right? at first glance, seems like it, but...
The darkside is strong in this one
- The number of threats―especially on the Android platform―continues to increase. Since 2010, SophosLabs has observed more than 1.5 million samples of Android malware. (Source: Sophos).
- Android allows the installation of apps through third-party app stores (Which seems like a good idea, having your apps shown in different places) but the main cause of apps being repacked with malwares comes from there, according to PcWorld.
- The traffic of these third-party app stores is gigantic in China, there are many that have enormous traffic on their sites (Source: Chinaappmarketing).
- The process of making an app “malwareful” is quite easy and takes “just minutes” to complete.
- The vulnerabilities on an app can be exploited in two ways, stated by the people from Security Intelligence, either with “Code Modification or Code Injection” or with “Reverse Engineering or Code Analysis”. Avoiding your app being “hacked” should be a priority, making your code “strong” is a good advice, like this guide into How To Develope Your First Mobile App In 12 Steps 2.0 2017 (Newer and better version)
What apps are more bound to get repackaged?
It may come as a surprise to many (Sarcasm quote), but games are the primary target by hackers to be downloaded, repackaged and uploaded to these third-party app stores:
- Flappy Bird (Source: Trendmicro)
- 8 ball pool
- Fast Cleaner
- WiFi Accelerate
- Candy Crush (in any of its versions)
And these were recently found on the Google Play Store (Source:Hackread.com)
- Temple dead run
- Zombie Fire
- Zombie Crush Racing
- Battle city Gunner
What about iOS?
iOS seems safer for mobile app development due to its filters when it comes to apps being stored in the Appstore. In contrast, in Google’s Play Store apps are checked and revised after a short while, Apple takes it more seriously and whenever you want to upload an app, it takes about a week to be accepted or rejected by them (AppMakr)
Nevertheless, iOS isn’t 100% Malware Proof. Recent examples, like the iOS-based malware XCodeGhost have proven that iOS is vulnerable to malicious attacks as well. (Sophos)
What can you do to protect your app?
Well, that depends on what service you want to provide and how you want to write your code. You can do Java, Ruby, Python, Node.js, .NET, PHP, etc. Each of them can pretty much do anything in a secure mode, being up-to-date with the latest trends on app security will also help a lot, if you know someone in the industry, talk to them so you can know what the newest threats are. Also, take some time to ask yourself these questions:
- Do I already know the language basics? You may want to make it more complex so it takes more time to “break”.
- Do I like how it's build and how it works? checking and rechecking your work will assure more quality on your app.
Mobile app development is far more complex than just making the app, it goes with a huge responsibility. Whenever making an app, it might seem lucrative to send your baby to a chinese or Hindu app store to make more profit, but your reputation as a mobile app developer can (and certainly will) be stained with the scarlet letter M of Malware, so, keep those codes strong and sturdy, and trust your app stores.