Wake-up Android users; thousands of malicious copycat apps infesting Play Store
A new study, conducted by the University of Sydney and CSIRO’s Data61 has found that there are a vast number of harmful apps hidden in plain sight in Google’s Play Store that trick users by impersonating popular alternatives. This study was conducted by using Artificial Intelligence to seek and identify counterfeit apps before testing them for malware and other such vulnerabilities.
As per the study, the researchers deployed a neural network to inspect both the icon’s design and its wording in the description. It reviewed 1.2 million apps to identify “potential counterfeits for the top 10,000 popular apps.” It has been found that 2040 potential counterfeits that have malware in a set of 49,608 apps that showed significant resemblance to one of the top 10,000 trending apps in the Google Play Store. The study also found, “1,565 potential counterfeits asking for at least five additional dangerous permissions than the original app and 1,407 potential counterfeits having at least five extra third-party advertisement libraries.”
By using AI algorithms to evaluate style and content, “outperforms many baseline image retrieval methods for the task of detecting visually similar app icons.” On the huge dataset of over 1.2 million app icons, the study’s method achieves, “8%-12% higher precision” in comparison to alternatives.
The study explains, “Many counterfeits can be identified once installed; however even a tech-savvy user may struggle to detect them before installation. This brings about the idea to sample the, “novel approach of combining content embeddings and style embeddings generated from pre-trained convolutional neural networks to detect counterfeit apps.”
The study revealed that the 2040 most dangerous counterfeits, “were marked by at least five commercial antivirus tools as malware,” although, encouragingly, 6-10 months since we discovered the apps, 27%-46% of the potential counterfeits we identified are not available in Google Play Store, potentially removed due to customer complaints.”
This should come as no surprise as the insecurity of apps on iOS and Android have been making a lot of headlines in the recent past.
Google has introduced the Google Play Protect to safeguard against such vulnerabilities. They state, “in 2018, we introduced a series of new policies to protect users from new abuse trends, detected and removed malicious developers faster, and stopped more malicious apps from entering the Google Play Store than ever before. The number of rejected app submissions increased by more than 55%, and we increased app suspensions by more than 66%.”