in Identity Theft

Flashlight apps lead the way for malware

This morning Fox News issued a Special Report regarding cell phone flashlight apps that are actually malware.  It is estimated that 500 million phones are currently infected.  The report did not specify which types of phones but it did say the flashlight apps in question were available on Google play. It looks like iPhone users dodged this one.

A company by the name of SnoopWall tested the top ten free flashlight apps available on Google play.  The results were frightening.  These apps were more than just a flashlight.  They were malware.  Malware is softwareattention with malicious intent.

When you installed one of the flashlight apps you gave the creator of the app access to your information including your photos, contacts, name, email addresses, credit card information, bank account information, videos and GPS location.  All of this information was easily harvested from your cell phone.  It could have been stored on your phone or obtained while you used your phone to check your bank or credit card account.  Call me crazy but all I want my flashlight to do is to shine light into the darkness, not put me at risk of fraud or identity theft.

So what can you do if you have one of these apps?  The first thing to do is to uninstall the app.  But you cannot stop there.  Many of these apps leave behind a virus to continue exposing your information.  In order to completely remove the app you must return to the store from where you purchased your phone and ask them to do a factory reset.  This will erase everything from your phone.  A word of caution: back up your contacts and photos before the factory reset.

But I need a flashlight?  Are there any apps that are safe?  It is has been suggested that you need to look for flashlight apps that are 100kb or smaller.  Anything larger and you are installing much more than a mere flashlight.

How can I prevent installing malicious apps?  The best thing to do is to read the privacy policy and/or terms of service agreements prior to installing ANY app.  I know it takes too much time to read through all of the legal jargon.  Too bad!  Take the time up front or it will cost you more time and money in the end.  But not all apps are honest about what information they are harvesting.  For example in 2013 the FTC investigated “Brightest Flashlight” for disclosing user location and device ID without the consumer’s knowledge.

Another tip is to install only essential apps.  By limited the number of apps installed you are limiting the risk of exposure.  For those of you with children make sure they are NOT able to install apps without first getting your approval.  The last thing you want is for your five year old to download a malicious app onto your tablet.  The same tablet you use for work where you access sensitive information.

If you have downloaded and installed a flashlight app from Google play your phone might be infected.

  • Take the necessary steps to remove the infection and use caution in the future.
  • Read ALL terms of service agreements and privacy policies before downloading.
  • Do not permit your child to download apps without you reviewing it first
  • Stick to the essentials