More than 1.6 million Android apps are available on a Google Play Store to download for 1.4 billion active Android device users. Apps belonging to Social Media, eCommerce, and Entertainment industry ruling the roost, while each Android device user installs, on an average, 27 apps. App users are more focused and concerned about the features and functionality of installed apps, but do they ever care of potential risk these apps put them into? A new research study, released by the University of California, Riverside, analyzes behind-the-scenes behaviours of some of the top free apps used by millions of Android device users and exposes how badly we are prone to hackers and leak sensitive personal information.
According to the study, 24% of the total popular Android apps are indulged in interacting with malicious URLs/websites that distribute malware, harm devices, stealing confidential personal data or annoying users with spam.
But that doesn’t mean that the rest 76% Android apps are quite safe to install; 76% of popular apps make behind-your-back interaction with websites that are less trustworthy and have received a Web of Trust rating lower than 60/100.
The adoption of smartphone apps is all time high and the world has moved into the mobile-first era. Smartphone users are relying heavily on apps without educating themselves much about their favorite apps. However, understanding the complex structure and evaluating each feature is quite impractical for any user as every app speaks to multiple websites and URLs both to function and generate revenue. On the flip side of the fact, most of such apps connect to many third-party services in the background in a bid to capture as much data as possible of a user, many times such practices lead to injecting harmful software components in devices.
The team behind the study developed a tool called AURA (Android URL Risk Assessor) to evaluate behind-the-scene activities of 13,500 apps accessing more than 250,000 URLs. Once captured, they cross referenced these URLs using VirusTotal, a database of malicious URLs and Web of Trust, a popular website rating system.
The study also points to a serious concern owing to the exploded adoption of smartphone and apps by Children. Nearly 74% of such popular apps talk to the URLs that are not suitable for children. Considering the fact that most of the free apps sustain on advertising revenue, speaking to URLs serving content not suitable for Children is definitely a major cause of concern.
“I think the fact that 9 percent of the good apps we analyzed interacted with at least one website that distributes malware is very worrisome,” said Faloutsos, who emphasized that the findings show only that users are potentially exposing themselves to risk, and not that each of these interactions would necessarily result in negative consequences.
The above findings of the study urge to use a limited number of apps and only perform not-so-critical activities on devices. Analysts believe that smartphone users must rely on a very limited number of apps and activities through mobile apps until there is a regulatory body set to screen behind-the-scene activities of apps. Google is pledged to improve its apps screening process before they list down an app on Google Play, still there is a need for a regulatory body considering the growing influence of apps in our daily life.
Analysts suggest that reading app-review articles and comments left by other app users is a good practice that help users to take informed decisions on apps.