BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Elite Russian Hackers Claim To Have Breached Three Major U.S. Antivirus Makers
School Lunch Business Rivalry Leads To Hacking Charges
Cybercriminals Steal $1.75 Million From An Ohio Church
Ransomware Hits Yet Another U.S. Airport
A Free Wi-Fi Finder App Exposed Passwords To Millions Of Networks
A Ransomware Attack Knocked The Weather Channel Off The Air
Edit Story
ForbesInnovationCybersecurity

Cyber Sacrilege At Christmas -- Android Malware Hiding In Bible Apps

Thomas Brewster
Forbes Staff
Senior writer at Forbes covering cybercrime, privacy and surveillance.
Following
This article is more than 8 years old.

Hoodwinking those of faith, those whose life is built on believing, is an easier task for a malicious hacker than going after paranoid technophobes. That’s why hundreds of malware types are hiding as Bibles and Qurans, or related religious apps, across the Google Play marketplace for Android phones.

Security company Proofpoint isn’t revealing which exact Android apps are doing bad deeds, as it is going through the process of disclosure with the affected developers and vendors. It is instead revealing data on the number of malware or aggressive adware targeting the Google operating system. Proofpoint analyzed over 5,600 unique Bible apps (4,154 for Android and 1,500 for Apple's iOS), including 208 that contained known malicious code and 140 were classified as “high risk” based on their behavior, all for the Android platform. Apple is evidently doing a good job of keeping out dangerous Bibles.

Kevin Epstein, VP of threat operations at Proofpoint, said those apps with known malicious behavior let attackers steal information from mobile devices, exploit zero-day vulnerabilities, possibly jailbreak or "root" a device, pilfer login credentials and communicate with IP addresses previously linked with rogue activity.

FORBES spoke with Telefonica’s ElevenPaths, a Spanish based intelligence provider that looks for Android threats, and it did reveal two Bible-themed apps on Google Play - Bible Trivia and Bible FAQs - that it believed to be malicious. Adolfo Lorente, ElevenPaths researcher, said his organization frequently saw Android hackers reusing Bible graphics from legitimate apps, repackaging them with built-in malware and uploading them to the markets.

Cybercriminals appear to be faith agnostic when it comes to their devilish campaigns - a number of Quran apps containing malicious apps are doing the rounds in digital bazaars too. Lorent found a large number of malware hidden in Quran apps on Google Play. These included Holy Quran Go Locker Theme, The Amazing Quran and uQuran - Understand Quran. “We have also identified aggressive adware apps about the Quran and the Bible populating the markets,” Lorente added.

Proofpoint found scores of “high-risk” Quran apps too. The firm said 16 of the scanned Quran apps (3,804 for Android; 646 for iOS) contained known malicious code and another 38 were classified as high risk. Again, all were for Android.

At the time of publication, Google had not responded to a request for comment.

It’s not just financially-motivated criminals who’re looking to exploit people’s trust in religious apps. Government agency contractor Hacking Team reportedly boasted about hiding its own intrusive software in a Bible app. John McAfee, founder of the eponymous anti-virus company and now a presidential candidate, voiced his concerns about the invasiveness of some Bible apps earlier this year too.

You’ve got to have faith, but trust is hard to find in the online world.

Follow me on TwitterCheck out my websiteSend me a secure tip
Thomas Brewster
Thomas Brewster