Study findings from the University of Sydney and CSIRO’s Data61 examined the prevalence of counterfeit Android applications on Google Play used AI to identify probable fraudulent apps prior to testing them, and discovered 2,040 potential fraudulent apps mimicking popular apps within a reviewed group of 49,608 apps. The study A Multi-modal Neural Embeddings Approach for Detecting Mobile Counterfeit Apps cites “1,565 potential counterfeits asking for at least five additional dangerous permissions than the original app and 1,407 potential counterfeits having at least five extra third-party advertisement libraries.”
The study states that its researchers’ use of AI to evaluate apps to identify clear mimicry of popular apps “outperforms many baseline image retrieval methods for the task of detecting visually similar app icons,” and is believed to have achieved 8%–12% higher precision than previous efforts.
Experts Comments:
Laurence Pitt, Strategic Security Director at Juniper Networks:
“There is clearly an issue with applications on Google Play (and the Apple App Store, to a lesser degree) suffering from counterfeit applications. What happens is people download them, realize it’s not what they expected, but then just leave it. People need to be better educated on application hygiene with their devices. We have so much storage available today that it’s become easy to download, install and forget. What would be helpful is a feature in the operating system that, periodically, alerts the user to installed applications that have not been used for a given period of time and makes the recommendations they could be uninstalled. It could even include data on which apps have been withdrawn from the store. We have ScreenTime for iOS, why not OldAppRemove?”
Sam Bakken, Senior Product Marketing Manager at OneSpan:
“It seems consumers just can’t catch a break when it comes to trying to secure the mobile apps and devices they use everyday. We just can’t trust that Apple and Google can keep us safe from every mobile threat, and this study is just one example. The official app stores are the ideal distribution channel for criminals as they attempt to infect as many users as possible with their malware, and they’ll spare no expense in getting their apps published. While it’s still good advice to only download mobile apps from the official app stores, consumers must nonetheless be wary because malware developers are finding ways around Google’s vetting processes. Ideally, more and more developers of sensitive apps (banking, payments, etc.) will leverage in-app protection technology that ensures those apps are safe for consumers to use, and are protected against other malicious software that might reside on their users’ devices. App shielding, for example, monitors for malicious behavior targeting the app it protects to shut-down any malicious activity before it starts. As an added bonus, app shielding can also detect when an app has been repackaged, a method used in counterfeiting operations such as this one, so that the forged app cannot execute if it’s been tampered with.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.