The research behind last year's report has now been published online and is titled "The Many Types of Creepware Used for Interpersonal Attacks." The term creepware refers to mobile applications that do not have all the functions of a product designed to spy or harass (spyware or stalkerware), but that can be used for these purposes as well as to carry out fraud or threats.
The document mentions that many of the applications could be used for harassment, phishing, fraud, and information theft. "As a result of our work, the Google Play Store has already removed hundreds of applications for violations of its policies," detailed in the report.
In some cases these apps were promoted as solutions to avoid being a victim of this type of deception when in reality what they were doing was being a vehicle to generate them. Many of these applications today are not available in the digital store as a result of this report that was presented . In the future, the researchers plan to continue analyzing more apps that may have these characteristics in order to identify and prevent possible spy attacks.
How they were identified
The researchers developed an algorithm called CreepRank that identifies creepware-style behavior within mobile apps, and then assigns a score to each app based on the identified risk.
The algorithm is capable of identifying platforms that can extract SMS from cell phones, launch denial of service attacks, control access to some applications, hide some apps, falsify the user's identity or track their location.
These apps allow to carry out different types of abuse, sometimes by itself and others in combination with other services. The CreepRank algorithm was run on a sample of anonymous data from applications installed on more than 50 million Android operating system smartphones.
After analyzing 1,000 applications, the algorithm identified more than 800 that classified as creepware, among which there were 114 that allowed identity theft, 80 that allowed for digital harassment and some 63 that offered tutorials for hacking.
In total, and after an analysis of applications from 2017, 2018 and 2019, 1,095 applications were identified that could be used to violate in some way the privacy or security of users. Based on that report, Google removed 813 for violating the Play Store terms and conditions.
How to check the installed apps and what access permissions they have
An indication that a spy application or some type of malware is installed is that the cell phone re-acclimatizes, works slower or consumes more battery than usual. So if any of this happens suddenly, there is probably some malicious program on the computer. However, this rule is not always followed.
What can you do then? In principle, enter the phone's configuration menu and see what apps are installed and verify what type of permissions they have. If you notice something suspicious or some platform that was not installed or is no longer used, then it should be removed.
To do a more detailed analysis of the device, then it must be started in "safe mode". To start your device in safe mode you have to press the off button until that alternative appears. In some models, pressing the shutdown button displays the Shutdown option and you must press there again until the Safe Mode appears and then click on that option again.
Then you must go to Configuration or Settings and there enter Applications. You will see a list with all the downloaded apps. It is necessary to verify if one is found with a strange name or that it is not remembered to have downloaded and remove it.
Image source:
Florian Olivo / Unsplach.com