Backdoor: Thousands of Android apps contain a hidden tool

We have seen in the past that the open-source nature of Android is both a good and a bad thing. Good because it is more accessible and available on a wide variety of hardware and bad because of lax security. Multiple reports have surfaced online highlighting how malware and harmful software made its way on Google Play Store. Sometimes the nature of the malware has pushed Google to take matters in their hands and remove the app remotely. Regardless of the improved security and screening programs such as Play Protect and more, such apps get through the cracks. This time, a new study has surfaced online highlighting hidden backdoor in thousands of Android apps. Let’s check out the details about this back door.

Thousands of Android apps contain a hidden backdoor, details

Researchers from Ohio State University, New York University, and Helmholtz Center of Information Security (CISPA) published a new study online. This study talks about and provides hard evidence about hidden backdoors in Android apps. It also talks about the hidden and often unknown behavior that such apps showcase. Digging deeper, the researchers developed an advanced analysis tool called InputScope to analyze the behavior of about 150,000. This included 100,000 of the most popular apps on Google Play Store in April 2019. The study also focused on the pre-installed apps that come with Samsung devices. In fact, the researchers also included about 20,000 apps from the Baidu app store.

Watch: OnePlus 7T Pro McLaren Long Term Review

The 15-page research paper focused on two primary goals. The first was to find how many apps showcased secret behaviors and second was to check how and why apps used these backdoors. For some context, a backdoor is any method that allows an app or anyone, unauthorized access to data. As part of the results, about 12,705 out of 150,000 showcased odd behavior revealing the presence of backdoors. The type of backdoors ranged from secret access keys, master passwords, to secret commands. In addition, 4,028 apps checked the user input for blacklisted words. These words included names of political leaders, news events or racial discrimination.

Overall, 6.8 percent of the total apps tested from Google Play Store contained backdoors. This number went down to 5.3 percent for apps on Baidu. It is interesting that the number of apps with such backdoors jumped to 16 percent as we moved to pre-installed apps. These findings are in line with the public letter that Privacy International sent to Google CEO Sundar Pichai. The letter criticized Google for not focusing on pre-installed apps while checking for security and privacy issues.

Cause of concern?

This study also found that some apps engaged in secret blacklisting. About 4.5 percent of apps from Baidu, 3.9 percent of pre-installed apps and 2 percent apps from Google Play Store showcased this behavior. The presence of a backdoor is often a bad thing. However, most of the times it is not clear what the backdoor actually does. We are not even sure the kind of damage or the extent of damage a backdoor can case in most cases. To get some sense of this danger, the research team checked 30 apps at random from apps with more than a million installs.

The team found a live streaming app that allowed someone with the access key to log in to its remote interface. It also discovered a popular translation app that contained a secret key to bypass payment for advanced features. Some of the backdoors provided legitimate scenarios such as resetting a smartphone when it was lost. However, even the presence of such methods introduced a potential security problem. The study also outlines how many Google Play apps come with such hidden methods. In addition, there is no easy way to find these backdoors. In fact, the research took weeks-long analysis with a dedicated tool.







Source link

Leave a Reply

Your email address will not be published. Required fields are marked *