Study: Thousands of Android apps have sneaky background actions
These apps aren’t behaving the way you’d expect them to
A recently published study from researchers at Ohio State University, New York University and the Helmholtz Center for Information Security offers hard evidence that thousands of Android apps are taking liberties with users’ devices by equipping them with backdoor functions such as creating secret access keys, master passwords and secret commands.
By leveraging InputScope, a sophisticated static analysis tool, the research team analyzed the behavior of 150,000 apps, studying what portion exhibited backdoor behaviors. Apps included the 100,000 most popular on Google Play in April 2019, 30,000 apps that come installed on Samsung devices and 20,000 from the Chinese market Baidu.
Of the 150,000 apps included in the study, 12,706 exhibited a range of backdoor behaviors. Another 4,028 appeared to check user input against blacklisted words such as racial discrimination, incidents in the news and even the names of political leaders. Of those tested, 6.8% of Google Play apps and 5.3% of apps from alternative sources displayed backdoor actions. Interestingly enough, the study showed that a whopping 16% of pre-installed apps also exhibit backdoor behaviors.
This study’s findings coincide with a public letter sent to Google CEO Sundar Pichai by Privacy International. Released in January, the letter urged Google to act against pre-installed apps on Android devices, criticizing the company for its lack of scrutiny when it comes to privacy and security problems.
As stated in the letter, “These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app - including access to the microphone, camera, and location - without triggering the standard Android security prompts.”
The letter continues, noting that Android users should be able to permanently uninstall these apps, thereby disabling backdoor functions.
An important question now remains. How does Google plan to address these potentially nefarious backdoors? While there is no easy way to solve this problem, it is certainly one the Android platform could do without.
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
The endpoint as a key element of your security infrastructure
Threats to endpoints in a world of remote workingDownload now
2021 state of IT asset management report
The role of IT asset management for maximising technology investmentsDownload now