Last year Google removed 813 “creepware” apps from the Play Store after the company received a report from a group studying apps similar to stalkerware.
The group, which was made up of academics and researchers from NYU, Cornell Tech and NortonLifeLock, has published a new paper based on their research titled “The Many Kinds of Creepware Used for Interpersonal Attacks”.
While similar, creepware differs from both spyware and stalkerware in that these mobile apps lack some of the features used to spy on users. However, creepware can still be used to directly or indirectly stalk, harass, defraud or threaten another person online.
To identify creepware more effectively, the research team developed an algorithm named CreepRank that is able to recognize these kinds of apps and assign a creep score to each one. CreepRank can identify apps with features that can be abused to extract SMS messages from a device, spoof another user’s identity in chats, launch denial-of-service attacks, hide other apps, track location and more.
Searching for creepware
To find creepware apps in the real world, the research team ran CreepRank on a sample of anonymized data about the apps installed on over 50m Android smartphones. NortonLifeLock provided the data from devices running Norton Mobile Security.
The CreepRank algorithm then calculated a creep score for each app and the researchers ranked these apps to find out which ones could be abused to track or harass users. By analyzing the top 1,000 apps based on their creep score, the researchers found that 857 of them qualified as creepware. To make matters worse, the creepware functions took a central role in these apps and some even promoted these features in their marketing.
The researchers then applied the CreepRank algorithm to app data sets from 2017, 2018 and 2019 and discovered 1,095 creepware apps that accounted for more than 1m installs across real-world devices. Following this discovery, the research team notified Google about these 1,095 apps last summer and the search giant’s security team took down 813 of them for violating the terms and conditions of the Play Store.
Dangerous Android apps can pose a significant security and privacy risk to users, but thankfully Google has made a concerted effort to rid the Play Store of bad apps.