Ridesharing behemoth, OLA, tackles fake apps using XVigil

Ridesharing apps have become a part of everyday life, and hence serve as fertile ground for scammers, to exploit users via these apps. They usually do this by publishing applications, belonging to a reputed company, on third party app stores.

About the Client

Ola Cabs is a ridesharing company based in Bangalore, India. As of 2019, Ola was valued at about $10 billion, and has a network of more that 1,500,000, drivers across 250 cities. A variety of venture capitalists including Softbank have large stakes in the company.

Industry

Area of Interest

Country

The Problem

Ridesharing apps have become a part of everyday life and hence serve as fertile ground for scammers, to exploit users via these apps. They usually do this by publishing applications, belonging to a reputed company, on third-party app stores. This a threat because third-party app stores don’t maintain the security standards enforced by official app distributors such as Google Play Store or Apple’s app store. There have been multiple cases where threat actors have modified legitimate applications by injecting malicious code in them and uploading them to third-party app stores such as APKMonk. When unsuspecting users download the modified app, it infects their devices. Scammers also upload multiple older versions of apps that have vulnerabilities, which have been remediated by the app company, in subsequent releases. OLA engaged CloudSEK to combat the threat of multiple versions of their app, being made available on third party app stores.

The Solution

CloudSEK’s XVigil monitors third-party app stores that have a history of weak security practices, or are known to distribute malicious apps. In the case of OLA, XVigil performed customized discovery of OLA apps that were published in third-party app stores. Other than older versions of the OLA app, XVigil also checked for apps mimicking the official OLA app. The AI-powered engine processed this raw data to discard duplicates and false positives. The discovered apps were then analyzed, rated based on the threat level, and taken down promptly, to ensure users are not affected.

The Impact

OLA is a ridesharing service that users avail of only via the OLA app. Hence, it is of utmost importance that users trust the app, on which they share their locations and payment details. With XVigil, OLA is able to detect the presence of older versions of the app, and fake apps mimicking the official app, across third-party app stores. In such situations, time is of the essence. So, with XVigil’s AI-powered engine, OLA receives real-time alerts, giving them enough time to take down the fake apps, which can affect their users.
Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Share on telegram
Share on email

Table of Contents

Request an easy and customized demo for free

Like what you see?

Sign up for a customized demo of XVigil and get know how your organization can tackle digital threats easily and with confidence.