Last week, Google released its Android Security 2017 Year in Review report, which is the company’s fourth installment of the report. Its purpose is to educate the public on its efforts to combat security threats.
One of the more interesting tidbits of information provided in the report is that 60.3 percent of Potentially Harmful Apps (PHAs) were identified through machine learning. The service designed by Google called Google Play Protect is enabled on over 2 billion devices and regularly scans Android apps for malicious activity. The service uses several tactics to identify security threats, but machine learning has been particularly effective in locating PHAs. In fact, 6 out of 10 detections was owing to machine learning.
Play Protect has been in operation for a number of years, but in October of 2017, the service was optimized to scan for harmful apps in offline mode. However, even while Google reconfigures and rolls out updates, dangerous and privacy-invading apps continue to crop up exponentially. Here is a list of several apps to be wary of:
1) Good Weather app: According to ESET blog, hackers have weaponized the Android weather app by making it a trojan, capable of infecting your phone with the banking malware Trojan.Android/Spy.Banker.HU. Once the app is downloaded, the malware is able to lock, unlock, and intercept texts from your device. Additionally, the malware accesses the victim’s banking information with its command-and-control server.
2) Draw Something Free: This app is essentially a remote version of Pictionary that you can play with friends. While amusing, it includes several advertiser libraries (which are third-party bits of code from other developers that app creators can use allowing advertisers to track you across any app that includes its library). It also uses the “read phone status and identity” permission to grant advertisers access to your phone number, call log, signal information, carrier, and more.
3) GO Locker: The app promises to be a more secure lock screen than your phone built-in screen, but because it has access to your screen, it requires pretty much every permission available from your location to access to your text messages. Though it doesn’t have advertising libraries installed, it does send your information to third-party app stores which are much less secure than Google Play.
4) Camera360: This camera tool promises to add more camera modes, exclusive filters, free cloud storage, facial recognition software, real-time “touch-ups”, and more features with no ads. Although it doesn’t have any ad targeting libraries, it does gather a lot of information from your device and also contains the Baidu search engine built-in. Baidu is China’s Google equivalent and for some inexplicable reason, it has the ability to turn your WiFi on and off using this app.
5) Clean Master: The Clean Master app and other similar applications aren’t necessarily “dangerous”. Though they may be able to help correct an app gone rogue, it is best to check your apps one at a time in order to identify exactly which app is causing the issue. These apps generally clear your cache which accumulates pretty quickly and is best left alone if it’s not causing a problem. Some of these apps also have adware that can deeply ingrain itself into your phone. Even when ads are not an issue, “cleaning” apps tend to seriously drain your phone’s battery power and life over time.
6) My Talking Tom: This app is a children’s game where you are responsible for taking care of a kitten but it’s seriously not worth the privacy breach it comes with. It includes a staggering eight targeted ad libraries and also sends advertisers audio from your microphone as well. This is especially creepy considering it’s a kid’s game.
7) WiFi apps: Check Point, a cybersecurity company has identified several apps with advertising malware called LightsOut. These harmful apps “generate illegal ad revenue” by tricking users into viewing and clicking on ads displayed on their devices. Check Point adds, “As some users noted, they were forced to press on ads to answer calls and perform other activities on their device.” Of these harmful apps include applications that claim to offer free WiFi credentials/Keys, hotspots, speed analyzers and boosters, network guards, etc. Some of these apps include Master WiFi Key, Free WiFi Connect, WiFi Security Master – WiFi Analyzer, Speed Test, Free WiFi Pro, Network Guard, and Smart Free WiFi.
8) Flashlight apps: Check Point has also identified several flashlight apps which are among the most popular methods that developers use to spread LightsOut. These apps include Brightest LED Flashlight-Pro, Brightest Flashlight, Cool Flashlight, and LED Flashlight.