Android Warning As Researchers Find Dangerous Fake Apps On Google Play Posted on : Jun 24 - 2019

Familiarity breeding contempt hits home in the results of a new study into the security threat from apps on Google Play. The research, conducted by the University of Sydney and CSIRO's Data61, has unearthed thousands of dangerous apps hiding in plain sight in the online store, tricking users by mimicking popular alternatives. The study used artificial intelligence to identify likely counterfeits, before testing them for malware and other vulnerabilities.

The study deployed a neural network to examine both the design of icons and the wording in descriptions, reviewing "1.2 million apps" to identify "potential counterfeits for the top 10,000 apps." It found "2,040 potential counterfeits that contain malware in a set of 49,608 apps that showed high similarity to one of the top 10,000 popular apps in the Google Play Store." The research also found "1,565 potential counterfeits asking for at least five additional dangerous permissions than the original app and 1,407 potential counterfeits having at least five extra third-party advertisement libraries."

The use of pre-trained AI algorithms to evaluate style and content "outperforms many baseline image retrieval methods for the task of detecting visually similar app icons," and on the large dataset of more than 1.2 million app icons, the study's methods achieve "8%–12% higher precision" than alternatives.

"Many counterfeits can be identified once installed," the authors explain, "however even a tech-savvy user may struggle to detect them before installation," thus the idea to try the "novel approach of combining content embeddings and style embeddings generated from pre-trained convolutional neural networks to detect counterfeit apps."

The study found that the 2,040 most dangerous counterfeits "were marked by at least five commercial antivirus tools as malware," although, encouragingly, 6-10 months since we discovered the apps, 27%–46% of the potential counterfeits we identified are not available in Google Play Store, potentially removed due to customer complaints."

None of this should come as a surprise—the insecurity of apps on both Android and iOS has been very much in the headlines recently.

Last year, Buzzfeed News reported that "eight apps with a total of more than 2 billion downloads in the Google Play store have been exploiting user permissions as part of an ad fraud scheme that could have stolen millions of dollars." All eight apps were Chinese in origin, with seven from a single developer, Cheetah Mobile. "The companies claim more than 700 million active users per month for their mobile apps."

And this month alone, Davey Winder has reported for Forbes on the threat from mobile applications, leaving "iPhone and iPad users not as secure as they might imagine, [with] their personal data at risk." ZDNet has reported that "three-quarters of mobile applications have vulnerabilities relating to insecure data storage, leaving both Android and Apple iOS users open to cyber attacks." And TechCrunch has reported on vulnerabilities even in U.S. mobile banking apps. View More