The apps you regularly use to log your steps, edit your photos and monitor your finances may be hiding malicious software that could be tracking and even stealing your personal information.
As part of a two-year cyber security project, researchers from the Faculty of Engineering's School of Computer Science and Data61-CSIRO investigated over one million Google Play apps and discovered 2,040 potential counterfeit apps.
Many of the fake apps impersonated highly popular apps and contained malware, with popular games such as Temple Run, Free Flow and Hill Climb Racing being the most commonly counterfeited. The study also found that several counterfeit apps request dangerous data access permissions despite not containing any known malware.
Counterfeit or ‘fake’ apps are often used by hackers to steal user data or infect a device with malware. Installing counterfeit apps can lead to a hacker accessing personal data and can have serious consequences such as financial losses or identity theft.
“Many fake apps appear innocent and legitimate — smartphone users can easily fall victim to app impersonations and even a tech-savvy user may struggle to detect them before installation,” explained School of Computer Science academic and cybersecurity expert Dr Suranga Seneviratne.
“In an open app ecosystem like Google Play the barrier to entry is low so it’s relatively easy for fake apps to infiltrate the market, leaving users at risk of being hacked,” he said.
The Google Play Store is the largest of its kind, hosting over 2.6 million applications, many of which have been developed by third parties.
“While Google Play’s success is marked on its flexibility and customisable features that allow almost anyone to build an app, there have been a number of problematic apps that have slipped through the cracks and have bypassed automated vetting processes,” he explained.
“Our society is increasingly reliant on smartphone technology so it’s important that we build solutions to quickly detect and contain malicious apps before affecting a wider population of smartphone users,” he said.
Director of the NSW Cyber Security Network, Todd Williams, believes the research has the potential to place New South Wales on the map as a leader in cyber security.
“The NSW Cyber Security Network is very pleased to be able to support the world-leading research of the University of Sydney. This research further strengthens NSW as a leader in cybersecurity,” he said.
About the research
The paper, A multi-modal neural embeddings approach for detecting mobile counterfeit apps, was co-authored by Mr. Jathushan Rajasegaran, Mr. Naveen Karunanayake, Dr Ashanie Gunathillake, Dr Suranga Seneviratne and Dr. Guillaume Jourjon and was published in the Proceedings of The World Wide Web Conference 2019.
The research has been partially funded by the 2017 Google Faculty Rewards grant, the 2018 NSW Cyber Security Network’s Pilot Grant Program, and the Next Generation Technologies Program. The authors would like to thank VirusTotal for kindly providing access to the private API that was used for the malware analysis in this paper.