There are billions of people across the world with smartphones, computers, and tablets. These devices rely heavily on software applications to function and give us the capabilities we love. While there are thousands of great apps out there, cybercriminals have also developed their own dangerous versions of phone-friendly programs known as malicious apps.

So, what do malicious apps do, and how can you steer clear of them?

What Is a Malicious App?

As you may have guessed, a malicious app is a software application designed to do harm to the devices on which it is installed.

These apps are sometimes promoted on untrustworthy sites, but can even make their way onto the most popular platforms, such as the Apple App Store and Google Play. Such online stores do what they can to mitigate the spread of these dangerous apps, but many can still slip through the cracks.

Malicious apps all pose a risk, but are not all one and the same. Different malicious apps are designed to carry out different actions.

For example, a malicious app could, in reality, be a spyware program that is disguising itself as something else. Spyware is used to monitor the activity of the infected device. On a smartphone, for instance, this may involve the logging of text messages, login credentials, captured photos or videos, and more.

This could also be considered a Trojan (or Trojan Horse). These programs are designed to appear benign, but harbor dangerous code in the background that can exploit devices without users ever realizing it. For instance, you may install a seemingly harmless VPN app and run it on your device frequently. If it is a Trojan app, it could be monitoring your online activity, logging your keystrokes, and even launching additional malicious programs.

Alternatively, a malicious app could be used to deploy ransomware, adware, or similarly dangerous programs onto devices. Once the malware infects the device, it can get to work on exploiting the user, either by stealing their data or making threats.

Are All Malicious Apps Made by Hackers?

It's important to note here that not all sketchy apps are outright malicious. Some are simply designed poorly, and their security features just aren't strong enough to protect you and your data. Additionally, some apps aren't designed to do harm, but ask for certain permissions in order to function that may put you at risk.

For example, a video calling app may ask for access to your contacts, or a photo editing app may ask for access to your device's gallery. In many cases, this won't threaten the safety of your data, but if the app is pushing some privacy boundaries, or isn't storing data securely, things can easily go wrong, especially if the app itself is targeted by attackers.

While some malicious apps don't get many installs, others can very effectively trick users into installation, allowing for widespread exploitation.

How Common Are Malicious Apps?

close up shot of person using smartphone menu

Unfortunately, malicious apps are pretty common today, even on legitimate platforms. As the demand for applications grows, cybercriminals continue to increasingly capitalize on this market. So just how frequently do these apps pop up, and what are some notable examples?

In August 2022, it was reported by multiple news outlets that 35 malicious apps could have infected millions of devices. This huge hazard, discovered by Bitdefender, saw over two million downloads of malicious apps on the Google Play Store. These apps ranged in their alleged utility. A few were photo editing apps, others offered GPS capabilities, and some provided wallpapers and customized keyboards.

Further back, in 2019, a story arose concerning the infection of a shocking 25 million Android devices. At the time, The Verge reported that a type of malware, known as "Agent Smith", had managed to infect millions of Android devices by hacking apps and forcing the display of more advertisements which are fraudulent in nature. Luckily, Agent Smith can be removed from Android devices, but its ability to infect so many devices puts into perspective how dangerous malicious apps can be, and just how effectively they can appear to be harmless.

So, if malicious apps are so common, is there any way to spot or avoid them? How can you stay safe here?

How to Steer Clear of Malicious Apps

image of padlock sat on laptop keyboard under red and green lighting

The first step you should take in avoiding malicious apps is to know the tell-tale signs of these dangerous software programs, starting with the download number.

On most app stores, you can see how many installs a given app has had. If you notice that an app you'd like to install as an unusually low number of downloads, it may be because it is a new app that hasn't been tested and reviewed by general users. If this is the case, it's best to avoid installing for the time being.

Additionally, you should always take user reviews into account before installing any app. User reviews can be invaluable in many ventures, such as online shopping, hiring services, and, of course, installing applications. If you've noticed that many users are commenting about an app's slowness, unusual permissions requests, or similar, you may be dealing with something malicious, or at least risky.

It's also good to do a little research around apps before downloading them. Though they may seem harmless on the surface, you could find reviews and exposés on the app's security integrity.

You should also look out for red flags on the apps you already have installed. If you are receiving constant popup ads, being asked to grant invasive permissions (such as access to your texts and emails), or experiencing frequent slowness or crashes, you may be dealing with a malicious app.

Malicious apps can also drain your battery very quickly, so keep an eye on how your device's battery is affected when you're using an app.

Malicious Apps Pose a Risk to All of Us

There's no doubt that the prevalence of malicious apps puts us all at risk of malware infection, surveillance, and data theft. So, it's crucially important that you know how to avoid malicious apps before installing them, and that you can spot the red flags shown by apps that you already have downloaded. This way, you can more effectively protect your devices from sneaky attackers.