Yet another study finds that Android security is total crap
Thousands of Android apps have been found as part of a new study to contain hidden backdoors that facilitate secret behavior, including everything from changing user passwords to preventing users from accessing specific content that’s sometimes political in nature.
The study comes via researchers from Ohio State and New York Universities, as well as the Helmholtz Center for Information Security, and it took a look at 150,000 apps — the 100,000 most popular Google Play apps circa April 2019, plus 20,000 apps from Baidu as well as another 30,000 apps that Samsung pre-loads onto its devices. The focus was on two specific issues: To what extent do apps support secret behaviors, and is there an inherent danger of abuse.
Among the findings: Almost 13,000 of the 150,000 apps that were studied suggested the presence of backdoors via things the researchers found like secret access keys and master passwords. More than 4,000 also appeared to be watching for blacklisted keywords like the names of political figures and other words related to controversial news topics. Almost 7% of the Google Play Store apps suggested the presence of backdoors, while 5.3% of the Baidu apps did so, according to the study. Double that for the apps pre-installed on devices (16% or so).