- A new study of Android apps has found that thousands seem to contain hidden backdoors that facilitate secret behavior, in what is but the latest reminder of how aggressively the Google Play Store continues to be targeted by sketchy app developers.
- The study looked at 150,000 apps, including 100,000 of the most popular from Google’s proprietary app marketplace, as well as apps from Baidu and Samsung.
- Visit BGR’s homepage for more stories.
Thousands of Android apps have been found as part of a new study to contain hidden backdoors that facilitate secret behavior, including everything from changing user passwords to preventing users from accessing specific content that’s sometimes political in nature.
The study comes via researchers from Ohio State and New York Universities, as well as the Helmholtz Center for Information Security, and it took a look at 150,000 apps — the 100,000 most popular Google Play apps circa April 2019, plus 20,000 apps from Baidu as well as another 30,000 apps that Samsung pre-loads onto its devices. The focus was on two specific issues: To what extent do apps support secret behaviors, and is there an inherent danger of abuse.
Among the findings: Almost 13,000 of the 150,000 apps that were studied suggested the presence of backdoors via things the researchers found like secret access keys and master passwords. More than 4,000 also appeared to be watching for blacklisted keywords like the names of political figures and other words related to controversial news topics. Almost 7% of the Google Play Store apps suggested the presence of backdoors, while 5.3% of the Baidu apps did so, according to the study. Double that for the apps pre-installed on devices (16% or so).
That’s part of the reason a few dozen privacy-minded organizations sent a letter to Google CEO Sundar Pichai earlier this year, pleading for Google to clamp down more on so-called bloatware that’s pre-installed on devices. “These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model,” they wrote. “This means permissions can be defined by the app — including access to the microphone, camera, and location — without triggering the standard Android security prompts. Users are therefore completely in the dark about these serious intrusions.”
Also as part of the new Android app study, the researchers picked 30 apps at random that had at least 1 million installations, and they found one that allowed for remote logins. It’s the kind of thing the Play Store has been dogged with incessantly, and though Google’s security team stamps outs the threats as soon as they’re found or publicized in the press, it still has to deal with the PR headache stemming from apps sneaking in that can do everything from logging into Google and Facebook accounts to accessing key features of a user’s device, spreading malware and so much more.