
Study: More than 1% of Google Play apps are “aggressive” copycats


nsane.forums


Legit Facebook and Twitter apps repackaged to snoop on users, researchers say.


More than one percent of titles available in Google's official Android app market may be unauthorized copycats of competing apps that have been re-engineered to more aggressively monitor browsing history and other personal habits, security researchers said today.

The study, published Monday by researchers from antivirus provider Bitdefender, analyzed 420,646 Android apps available in Google Play. Of those, 5,077 contained code lifted from Facebook, Twitter, and other legitimate apps. The copycat apps offered the same functionality as the original apps, but they were redesigned to include aggressive advertising libraries (often referred to as SDKs), "beacons" that can be used to track users, and modified permissions that had access to text messages, call histories, and other personal information.

"Most modifications add a new Advertising SDK in the repackaged app or change the Advertiser ID from the original app so revenue obtained through ad platforms gets diverted from the original developer to the individual who plagiarizes their work," Bitdefender's Loredana Botezatu wrote. "Other modifications add extra advertising modules to collect more data from the user than the initial developer planned. Moreover, if a developer only collects UDIDs and e-mail addresses initially, a plagiarized application can be extended to place home-screen icons, spam the notification bar, and so on to maximize the hijacker’s revenue."

Some of the Facebook and Twitter knockoffs offered exactly the same functions as the originals, except colors and backgrounds were modified. The counterfeit apps were downloaded as many as 50,000 times. Google representatives didn't respond to an e-mail seeking comment for this post.


A breakdown of the modifications snuck into repackaged apps.

The study comes as researchers from separate security firm FireEye continue to track critical vulnerabilities in several advertising libraries found in apps used by millions of Android users. The libraries and programming interfaces, which Ars covered in September, may make it possible for attackers to execute malicious code on phones that run apps relying on them. Many apps that use the libraries have recently been updated to use newer library versions that have been patched. But many apps continue to use vulnerable libraries, FireEye researchers reported over the weekend.

The Bitdefender and FireEye findings are likely to rekindle a debate that flares up from time to time over Google's oversight of its Play market. A one-time fee of $25 is all that's required for anyone to submit an app that becomes available to hundreds of millions of Android users. In fairness to Google, the company scans apps for signs of malicious code after they're submitted and responds to any credible reports of abuse. This open approach helps boost the diversity of apps available in Google Play, but it also leaves users open to scamware and other apps of questionable value. Apple's App Store, by contrast, follows a "walled garden" model that subjects apps to close scrutiny and rejects many submission requests for a host of reasons.


This is why it's important to use privacy software. I use Privacy Guard (which comes with CM 10.1), which, when enabled, prevents selected apps from reading personal data like SMS, contacts list, location data.
