More than 11% of Android banking and finance-related apps contain malware or suspicious binaries, according to research from RiskIQ.
RiskIQ trawled some 90 app stores finding around 350,000 apps referencing banking, of which more than 40,000 were deemed suspicious in some way. More than 21,000 contained adware, 20,000 Trojan malware, 3823 spyware, 209 exploit code, and 178 malicious JavaScript.
The research also shows that many of these apps request "excessive permissions" - such as the ability to capture device logs, record audio and access contact lists - which could be used by crooks.
Elias Manousos, CEO, RiskIQ, says: “These findings show that criminals are using look-a-like banking apps to distribute malware and capture data on the device in order to commit crimes. Policing app stores for malicious apps and taking them down is a never ending battle for banks, and any other brand that uses the mobile channel to interact with customers."