Security researchers have developed an automated system for detecting Android apps that secretly connect to ad sites and user tracking sites.
Many apps connect to ad-related sites and tracking sites, while some connect to much more dubious sites that are associated with malware.
“But this activity often takes place without the user being aware of what is going on,” the researchers said.
So Luigi Vigneri and colleagues from Eurecom in France have developed an app that monitors the behaviour of the other apps on a user’s smartphone and reveals exactly which external sites these apps are attempting to connect to.
They call their new app NoSuchApp, or NSA for short, “in honour of a similarly acronymed monitoring agency”, MIT Technology Review reported.
“With this application, our goal is to provide a mechanism for end users to be aware of the network activity of their installed Android applications,” said Vigneri.
The team plan to make the app publicly available on Google Play in the near future.
Vigneri and colleagues began by downloading over 2,000 free apps from all 25 categories on the Google Play store.
They then launched each app on a Samsung Galaxy SIII running Android version 4.1.2 that was set up to channel all traffic through the team’s server.
The server recorded all the URLs that each app attempted to contact.
They found that the apps connect to a mind-boggling 250,000 different URLs across almost 2,000 top-level domains. And while most attempt to connect to just a handful of ad and tracking sites, some are much more prolific.
For example, an app designed to control volume (a task that does not require a connection to any external URLs) makes many connections.
“We find the app Music Volume EQ connects to almost 2,000 distinct URLs,” they said.
The worst offender is an app called Eurosport Player, which connects to 810 different user tracking sites.
A small proportion of the apps even seem designed to connect to suspicious sites associated with malware, the researchers found.
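The per-app tally described above (distinct URLs contacted, and how many of the contacted hosts are ad, tracking or suspicious sites) can be reproduced from a proxy capture. This is an added example, not the researchers' code; the package names, URLs and category lists are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample of proxy records: (app package, requested URL).
CAPTURE = [
    ("com.example.volume", "http://ads.adnet.example/banner?id=1"),
    ("com.example.volume", "http://ads.adnet.example/banner?id=2"),
    ("com.example.volume", "https://t.tracker.example/collect?u=abc"),
    ("com.example.volume", "http://cdn.bad.example/payload.bin"),
    ("com.example.notes", "https://api.notes.example/sync"),
    ("com.example.notes", "https://T.Tracker.example/collect?u=xyz"),
    ("com.example.notes", "https://nottracker.example/home"),
]

# Constructed category lists; a real run would load ad/tracker/malware lists.
CATEGORIES = {
    "ad": {"adnet.example"},
    "tracking": {"tracker.example"},
    "suspicious": {"bad.example"},
}

def classify(host):
    """Return the category whose listed domain equals host or is a parent of it."""
    for name, domains in CATEGORIES.items():
        for domain in domains:
            # Match on a label boundary so nottracker.example is not flagged.
            if host == domain or host.endswith("." + domain):
                return name
    return None

def summarize(records):
    """Per app: distinct URLs, distinct hosts, and distinct hosts per category."""
    report = defaultdict(
        lambda: {"urls": set(), "hosts": set(), "flagged": defaultdict(set)})
    for app, url in records:
        # urlsplit lowercases the hostname; strip a trailing root dot as well.
        host = (urlsplit(url).hostname or "").rstrip(".")
        entry = report[app]
        entry["urls"].add(url)
        if host:
            entry["hosts"].add(host)
            category = classify(host)
            if category:
                entry["flagged"][category].add(host)
    return report

if __name__ == "__main__":
    for app, entry in sorted(summarize(CAPTURE).items()):
        flagged = {c: sorted(h) for c, h in entry["flagged"].items()}
        print(app, len(entry["urls"]), "URLs,", len(entry["hosts"]), "hosts,", flagged)
```
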