The Latest in IT Security

Checking the Legitimacy of Android Apps


The Android Market was once again infiltrated by malware, as a handful of premium service abusers (which we detect as ANDROIDOS_RUFRAUD.A) posed as legitimate apps were uploaded to the site. A few users were able to install the malicious apps before Google took them down- a fast reaction due to the quick responses from vigilant users and security firms.

Although the malicious apps are now off the Android Market, we must all be consistently on guard for malicious apps that may be able to find their way there in the future. Especially with Android offering their 10-cent sale to celebrate their 10 billion downloads, users are more likely to install offered apps to take advantage of the apps’ low cost.

To help users keep their Android device malware-free as they load them with more cool apps, in this post we will point out some key items to keep in mind before installing apps:

Be familiar with the developer/s behind popular apps

Cybercriminals regularly leverage certain apps’ popularity and attempt to do so by imitating the popular apps. But since they can not pose as the original developers, the developer’s name can be a good indicator for legitimacy. For example, the real Android Market page for the game Angry Birds shows that it was developed by Rovio Mobile, while the malicious one was developed by a user named Logastrod:

Click for larger view Click for larger view

Users can also check the developer’s profile for other apps. Google also offers developer ratings, as well as the status “Editor’s Choice” that can further validate the developer’s legitimacy.

The same goes for other information on the app’s web page, such as the app’s icon and name. If something’s seems amiss, then it’s probably better to skip downloading it.

Check the ratings and the number of reviews

It is also a good practice to check app ratings and user feedback for more verification. The user rating and feedback feature give people a more accurate view of the experiences users have when using or installing the app. You can find it just below the app icon.

Apart from the quality of the ratings and the feedback, the number of ratings or feedback themselves can also be a good measure. Popular apps tend to generate more ratings and feedback, so if a post for a popular app has very few ratings or feedback, it’s likely that it isn’t the real thing. This was the case with the recent fake apps found in the Android Market:

Do more research

Aside from the Android Market, there are also other sites that offer reviews of Android apps which can help users gauge the legitimacy of an application. Getting more feedback, preferably from different sources will definitely help verify the app’s quality.

This is very important especially since cybercriminals will also most likely try to fool users through feedback. They can post misleading reviews and give inaccurate ratings to trick the users into thinking that a particular app is legitimate. In the screenshot above, the review circled in red shows a false review for the malicious app, calling it “a good simulator” while the one circled in blue shows a real review from a real user.

These are just a few of the ways users can check if an app is legitimate or not. We think it is critical for users to have some sort of checking process before installing applications, especially since these apps gain access to phones’ resources, including stored user information.

Aside from following the guide above, users can also check other ways to keep their Android-based devices secure, as well as further understand the implications of certain permissions requested by Android applications by reading the reports in our Mobile Threat Information Hub.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments