Appthority has now released its Q3 2017 Enterprise Mobile Security Pulse Report, revealing the quarter's top blacklisted apps. More to the point, the report highlights the apps that are most often blacklisted by mobility and security teams in enterprise environments. For those who aren't aware, blacklisted apps are those that are blocked from use within an organization because they either represent security risks, break with security policies that are in place, or because they contain malware. The report shows which popular apps are blocked for a given operating system and is intended to be used by security teams to help set future policies based on risk trends found in popular applications. It also provides insight into apps that are not necessarily blocked by many organizations, but which represent a high risk for one reason or another.
On the Android side of things, for Q3, the most common reason for applications to be blacklisted was due to the detection of malware - with no fewer than eight of the top ten most blocked apps being blocked for that reason specifically. The apps are listed alongside a risk rating that ranges from 0 to 10, with a ranking of 10 representing the highest level of risk. For Android, Poot-debut(W100).apk, AndroidSystemTheme, and Where's My Droid Pro took the top positions, each bearing a risk level of 9 for malware detected. Those are followed by Weather, Wild Crocodile Simulator, Star War, and ggzzversion - which also ranked at a risk level of 9 for malware. Rounding out the top ten are Boyfriend Tracker, Chicken Puzzle, and Device Alive, representing risk levels of 6, 6, and 9 respectively. Of the applications on that list, only Boyfriend Tracker and Chicken Puzzle were not flagged as malware. The former was marked as sending unencrypted data and IMEI, while the latter was flagged for tracking users' locations. Of the top 50 applications most often used in enterprise environments, several represent a risk level of at least 7. Those include Uber, WhatsApp Messenger, and Facebook Messenger.
Meanwhile, the report also looks closely at which countries collected data is being sent to from applications when those apps connect to backend servers. The top countries on the list include the U.S., Ireland, and Germany. However, Android application backends also have a higher tendency than their counterparts on other platforms to be more widely distributed. That means users' data ends up in countries with a lower "trustworthy" rating more often, including several that have been given scores of zero percent by Appthority.