Earlier in March, researcher Randy Westergren, decided to investigate the gameplay mechanics of popular trivia quiz app Trivia Crack.
What he found was surprising. Within the app’s code is a hidden “cheat mode” that provides the player with the answers to each question, clearly not intended for general use.
While discovering “cheat mode” doesn’t present an immediate threat to most players, it’s a timely reminder that not all apps are secure.
Westergren altered the Trivia Crack’s code to harmlessly enable “cheat mode” but it is also possible to insert malicious code.
As Westergren explains, this vulnerability “should serve as a good example that client application privacy cannot be guaranteed and developers should be careful about what’s included in their compiled releases.”
Trivia Crack is certainly not the first popular app to face scrutiny from potential attackers with apps such as Angry Birds often the target for malicious attack.
As AVG CTO Yuval Ben-Itzhak explained in his recent blog post, “hackers are clever; they have found ways to get around stringent app store controls by exploiting existing non-malicious apps that are vulnerable.”
The largest challenge for mobile security today is not blocking malicious apps but instead protecting benign apps that are vulnerable to attack thanks to short time to market, small development teams and budgets.
Even apps from well-known developers or apps that you have had installed for a long time can become vulnerable if not properly maintained and security tested.
How can players protect themselves?
The best way to defend yourself against malicious apps is to download mobile antivirus on your device.
AVG AntiVirus for Android FREE has over 100 million downloads from the Google Play Store.
Watch this video for more tips to help you protect your Android device,