Malware in Iranian Application Market

Malware in Iranian Application Market


One of the issues in the world of smartphones is the issue of privacy. In this regard, two applications in two stores of Iranian application market were reviewed and it was found that these two applications, in addition to other destructive activities, also endanger the user's privacy.

The first application in this study was called “InstaFollow Instagram Follower” in the “Iranapps” Android application store. This application has features such as unfollow, analyzing user activities and monitoring the number of followers. The app receives phone calls, location, and read and write access from the user's mobile phone and contacts when installing accesses. However, each time the user logs in, the location information, name and model of the mobile phone, SIM card operator, unique device ID (IMEI) are sent to two different sites.

Malware in Iranian Application Market‬‬‬

The next application in this study was an application called “Istikharah” in the Cafe Bazaar store. This application shows a large number of ads to the user daily, and for this reason, it is in the category of adware. If the user clicks on these ads, they will be directed to pages that allow the user to be abused. These include encouraging membership in value-added services (VAS), transferring the user to specific Instagram pages to follow and direct the user to the download page and installing unofficial Telegram apps in the Google Play Store.

Malware in Iranian Application Market

In addition to the above, when the application is run by the user, location information, name and model of mobile phone, SIM card operator, unique device ID (IMEI) will be sent to one server and another advertising server. This is an example of a user's privacy breach.

Methods of preventing the contamination of mobile phones with mobile malware
  • Using reputable stores such as Google Play and App Store to install the application:
    Downloading apps from invalid sources such as sites and social media pages has security risks. Official app stores have security mechanisms and largely prevent the release of malware applications.
  • Pay attention to the description section of the application:
    Before installing the application, pay attention to the description section. The lack of explanations or insufficient explanations and the lack of communication with the developer of the application can be negative and suspicious.
  • Paying attention to internet consumption by applications:
    Internet usage of any mobile application is easy to see. Excessive Internet usage by an app that does not appear to be active online is one of the most suspicious and should be considered.
  • Using anti-malware tools on mobile phones:
    Use reputable anti-malware tools developed for mobile phones to identify and prevent the installation of mobile malware.
  • Activate the Google Play Protect feature in the Android operating system:
    Enabling this feature causes the applications installed on the user's mobile phone to be periodically checked and if the malicious identifier is identified, the application will be removed from the user's mobile phone.