Mission against Malware

Published on May 05, 2015 16:23:23 PM
An automated system has been designed by security researchers to detect Android apps that connect to ad sites secretly and tracks user.

Most of the ad-related sited and tracking sites are connected to unwanted sites that contain malware.

The researchers said, "This activity often takes place without the user being aware of what is going on.”

An app, which has been developed by Luigi Vigneri and colleagues from Eurecom in France, monitors the behavior of others on a user’s smartphone and indicates to which external sites the apps are trying to connect.

The app is named NoSuchApp or NSA "in honour of a similarly acronymed monitoring agency,” MIT Technology Review reported.

"With this application, our goal is to provide a mechanism for end users to be aware of the network activity of their installed Android applications," said Vigneri.

The team is planning to release the app on Google Play; currently they are testing the app by downloading over 2000 apps from the Google Play from various categories.

The team launched every app on Samsung Galaxy SIII that was running on Android 4.1.2 and setup was made to direct all the traffic through the server and recorded all urls that every app contacted.

The results were unbelievable, they saw that 2,50,000 urls are recorded across 2,000 high level domains. Most of them tried to connect ad and tracking sites that are more prolific.

"We find the app Music Volume EQ connects to almost 2,000 distinct URLs," they said.

The researchers found that the Eurosport Player app connects to 810 varieties of user tracking sites. Some of the apps are designed to connect to suspicious sites connected with malware.