McAfee said in a post that ” The report explains the dynamics of mobile app collusion, where cyber criminals manipulate two or more apps to orchestrate attacks capable of exfiltrating user data, inspecting files, sending fake SMS messages, loading additional apps without user consent, and sending user location information to control servers.” McAfee also mentioned similar behavior over more than 5,000 versions of 21 apps that are designed to present valuable user services like video streaming, health monitoring, travel planning etc. The report also revealed that if the user doesn’t mind to update the applications on time then they are likewise vulnerable to malicious attack and this may guide to mobile app collusion. McAfee Labs has also identified three types of threats
Information theft: An app with access to sensitive or confidential information willingly or unwillingly collaborates with one or more other apps to send information outside the boundaries of the device Financial theft: An app sends information to another app that can execute financial transactions or make financial API calls to achieve similar objectives Service misuse: One app controls a system service and receives information or commands from one or more other apps to orchestrate a variety of malicious activities.
Vincent Weafer, vice president of Intel Security’s McAfee Labs group said “Improved detection drives greater efforts at deception, It should not come as a surprise that adversaries have responded to mobile security efforts with new threats that attempt to hide in plain sight. Our goal is to make it increasingly harder for malicious apps to gain a foothold on our personal devices, developing smarter tools and techniques to detect colluding mobile apps.”