• Home
  • Apps
  • Apps News
  • Thousands of Android and Samsung Pre Installed Apps Come With Hidden Backdoors, Study Claims

Thousands of Android and Samsung Pre-Installed Apps Come With Hidden Backdoors, Study Claims

A total of 150,000 apps have been analysed using a tool called InputScope. Out of these, 12,706 apps were found to have presence of backdoors.

Share on Facebook Tweet Snapchat Share Reddit Comment
Thousands of Android and Samsung Pre-Installed Apps Come With Hidden Backdoors, Study Claims

Study shows pre-installed apps come with more unethical backdoors behaviour than other apps

Highlights
  • 4,028 tested apps seem to be checking for blacklisted words
  • Researchers scanned 150,000 apps using a tool called InputScope
  • 4.5 percent of apps from Baidu indulged in blacklisting

A new study claims that thousands of Android apps may come with input-triggered secrets such as backdoors and blacklists of unwanted items. A total of 150,000 apps have been analysed using a newly developed tool called InputScope. Out of these, 12,706 apps were found to have presence of backdoors, and over 4,028 apps seem to be checking for blacklisted words. From the 150,000 apps, 100,000 apps were from Google Play Store and 30,000 apps were pre-installed ones on Samsung phones.

The new study comes from researchers at Ohio State University, New York University, and the Helmholtz Center for Information Security (CISPA). These researchers analysed these 150,000 apps using an analysis tool called InputScope. This tool helped in automatic detection of both the execution context of user input validation and the content involved in the validation to automatically expose hidden functionality. As mentioned, the pool of apps had Android apps from Google Play Store, pre-installed apps from Samsung phones, and 20,000 apps from Chinese market Baidu as well.

The test uncovered 12,706 mobile apps containing backdoor secrets and 4,028 mobile apps containing blacklist secrets. Undocumented backdoors include secret access keys, master passwords, and secret privileged commands, and blacklists of unwanted items include censorship keywords, cyber-bulling expressions, and weak passwords.

The study also showed that pre-installed apps showed more unethical backdoors behaviours than other apps. The percentage of undocumented backdoor instances on pre-installed apps was around 16 percent, while Google Play Store apps were at 6.8 percent. Baidu apps were at 5.3 percent – the least of the lot. For blacklisting, 4.5 percent of apps were from Baidu, 3.9 percent apps were from pre-installed apps, and 2 percent apps were from Google.

These secret backdoors and blacklists on apps can allow for remote login, reset user passwords, stop users from accessing content, and let hackers bypass payment interfaces. All of these exist without any user knowledge, and this poses as another great threat in the chaotic Android ecosystem.


OnePlus 8 leaks look exciting but when will the phones launch in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Tasneem Akolawala Tasneem Akolawala is a Senior Reporter for Gadgets 360. Her reporting expertise encompasses smartphones, wearables, apps, social media, and the overall tech industry. She reports out of Mumbai, and also writes about the ups and downs in the Indian telecom sector. Tasneem can be reached on Twitter at @MuteRiot, and leads, tips, and releases can be sent to tasneema@ndtv.com. More
E3 2020 Won't Get an Online Replacement Event in June
Zomato Starts Grocery Delivery Service in Over 80 Cities Amid Coronavirus Lockdown

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com