
Study: Thousands of Android apps have sneaky background actions

These apps aren’t behaving the way you’d expect them to

A recently published study from researchers at Ohio State University, New York University and the Helmholtz Center for Information Security offers hard evidence that thousands of Android apps are taking liberties with users’ devices by shipping with backdoor functions such as secret access keys, master passwords and secret commands.

By leveraging InputScope, a sophisticated static analysis tool, the research team analyzed the behavior of 150,000 apps, studying what portion exhibited backdoor behaviors. Apps included the 100,000 most popular on Google Play in April 2019, 30,000 apps that come installed on Samsung devices and 20,000 from the Chinese market Baidu. 

Of the 150,000 apps included in the study, 12,706 exhibited a range of backdoor behaviors. Another 4,028 appeared to check user input against blacklisted words, including terms tied to racial discrimination, incidents in the news and even the names of political leaders. Of those tested, 6.8% of Google Play apps and 5.3% of apps from alternative sources displayed backdoor actions. Interestingly enough, the study showed that a whopping 16% of pre-installed apps also exhibit backdoor behaviors.

This study’s findings coincide with a public letter sent to Google CEO Sundar Pichai by Privacy International. Released in January, the letter urged Google to act against pre-installed apps on Android devices, criticizing the company for its lack of scrutiny when it comes to privacy and security problems. 

As stated in the letter, “These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app - including access to the microphone, camera, and location - without triggering the standard Android security prompts.”

The letter continues, noting that Android users should be able to permanently uninstall these apps, thereby disabling backdoor functions.

An important question now remains. How does Google plan to address these potentially nefarious backdoors? While there is no easy way to solve this problem, it is certainly one the Android platform could do without.
