Study: Thousands of Android apps have sneaky background actions

These apps aren’t behaving the way you’d expect them to

A recently published study from researchers at Ohio State University, New York University and the Helmholtz Center for Information Security offers hard evidence that thousands of Android apps are taking liberties with users’ devices by equipping them with backdoor functions such as creating secret access keys, master passwords and secret commands.

By leveraging InputScope, a sophisticated static analysis tool, the research team analyzed the behavior of 150,000 apps, studying what portion exhibited backdoor behaviors. Apps included the 100,000 most popular on Google Play in April 2019, 30,000 apps that come installed on Samsung devices and 20,000 from the Chinese market Baidu. 

Of the 150,000 apps included in the study, 12,706 exhibited a range of backdoor behaviors. Another 4,028 appeared to check user input against blacklisted words such as racial discrimination, incidents in the news and even the names of political leaders. Of those tested, 6.8% of Google Play apps and 5.3% of apps from alternative sources displayed backdoor actions. Interestingly enough, the study showed that a whopping 16% of pre-installed apps also exhibit backdoor behaviors.  

This study’s findings coincide with a public letter sent to Google CEO Sundar Pichai by Privacy International. Released in January, the letter urged Google to act against pre-installed apps on Android devices, criticizing the company for its lack of scrutiny when it comes to privacy and security problems. 

As stated in the letter, “These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app - including access to the microphone, camera, and location - without triggering the standard Android security prompts.”

The letter continues, noting that Android users should be able to permanently uninstall these apps, thereby disabling backdoor functions.

An important question now remains. How does Google plan to address these potentially nefarious backdoors? While there is no easy way to solve this problem, it is certainly one the Android platform could do without.

Featured Resources

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

Free download

IDC agility assessment

The competitive advantage in adaptability

Free Download

Digital transformation insights from CIOs for CIOs

Transformation pilotes, co-pilots, and engineers

Free download

What ITDMs did next - and what they should be doing now

Enable continued collaboration and communication for hybrid workers

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021