App repackaging, a common problem for Android devices

Nov 10, 2015 22:28 GMT  ·  By

The majority of Google Play Store's most popular apps can be easily reverse-engineered, and then re-packaged with malicious functionality, leveraging the original app's popularity to spread dangerous malware.

This is the conclusion of a recent market analysis regarding the security of Google Play’s top apps, a study conducted by SEWORKS, a developer of advanced security solutions for mobile applications.

An Android-specific problem

In today's mobile environment, app security is of the utmost importance thanks to the wide range of data users normally store on their mobile devices.

While Apple automatically encrypts the source code of all apps uploaded and displayed on the App Store, Google leaves this to the developer's choosing.

As you'd expect, developers don't bother with this step, thinking that they have nothing to hide, or they just don't care enough about the security of their code. This raises a few security problems.

The worst case scenario happens when a hacker downloads apps from the Google Play store, unpacks the app, inserts his malicious code, re-packages the app, and then redistributes it via third-party app stores, passing it as the real deal, coming from the app's original creator.

All of the app's functionality is left intact, but users will also get the malicious functionality that helps criminals install ransomware, steal user data, take control over the device, and various other more.

If you're versed enough in Android security, you've already identified the weak point in this whole scenario, and that's the open nature of Android apps.

Most popular Android apps are easy to hack

According to SEWORKS' study, a couple of worrying details have now come to light:

●      85% of top 200 free apps on Google Play are decompilable ●      83% of top 100 paid apps on Google Play are decompilable ●      87% of top 100 free game apps on Google Play are decompilable ●      80% of top 100 free non-game apps on Google Play are decompilable ●      95% of top 200 free Google Play apps can be reverse-engineered ●      82% of the top 100 Google Play paid apps can be reverse-engineered

With a market forecast of nearly $100 billion by 2020, Android apps are a big business for everyone involved, including cyber-criminals. That's why around a quarter of mobile applications will feature runtime self-protection features by 2017, as Gartner estimates.

If you're interested in learning more about the perils of reverse-engineered apps, SEWORKS will also start a series of blog posts on this topic via their Medium channel.