Free cleaning apps put millions at risk of hacking
Android users might want to think twice before downloading free apps to clean their mobile phones and “protect” them from viruses – because many of them contain data trackers and some even appear to have links to potentially malicious domains, according to the Cybernews research team.
Cybernews studied the forty highest-ranking cleaning and antivirus apps by installation on the Google Play store, which between them have clocked up more than 918 million downloads as of the time of writing. The individual installation count for the popular apps began at one million, with some having more than a hundred times that number.
“Since these apps are closely related to security and privacy, we expected them to set the highest standard possible,” said a spokesperson for the Cybernews research team. “However, this was not the case – as only two apps did not contain any trackers.”
Worse still, 13 of the apps were judged to be so detrimental to privacy that they scored the lowest possible grade in the team’s security ranking system, due to “questionable coding practices.” Six even contained likely malicious links – putting millions of Android users at risk of having their phones hacked – with the Dr Capsule antivirus cleaner app thought to have as many as three.
The best of a bad bunch was the Keep Clean Cleaner antivirus app, which scored an underwhelming 54 out of 100 for security. Last place went to the Safe Security Antivirus booster and phone cleaner, which returned a dismal score of nine. The results are particularly worrying given that the two apps each have more than 100 million registered downloads.
Second place went to Fancy Booster, which has more than a million downloads and scored a not-so-fancy 46, while the Clean Guard app scrubbed up somewhat better than its competitors, securing third place with a score of 41 for its 10 million installers.
Two of the top forty apps could not be analysed, possibly due to obfuscation – a method employed by developers to counter reverse-engineering.This can be done either to guard against intellectual property theft or to conceal something malicious – but it is not clear what was the reason in these cases.
“Based on the total installation count, common Android users are eager to secure their phones from malware and interested in keeping their devices running as fast as possible by cleaning junk files and cache,” said the research team.
“Less tech-savvy users are likely to download an app to do all of this tedious work automatically. However, a lot of the free available options come at a hidden price – user data is being tracked, sold or plainly managed insecurely due to questionable coding and privacy practices of the application developers.”
Nearly all of the apps investigated contained trackers, varying in number from just a handful to thirty in the case of Nova Security. Shockingly, only Super Antivirus and Virtual Guard were completely free of data tracking, raising serious privacy concerns for Android users of free cleaning apps.
Cybernews reached out to six of the app developers, but only one had responded at the time of writing. Dr Capsule claimed that in its case confusion between the http protocol and its secure version, https, had caused its app to be mistakenly flagged as potentially malicious.
More from Cybernews:
No allies in the cyber world: how Chinese hackers collect intelligence on Russian government officials
Best antivirus software of 2023: protect your mobile device against malware with an Android security app or antivirus protection for an iPhone
Are backups the best way to tackle ransomware?
308,000 databases were exposed to the open web in 2021: report
Audio codec flaw left two-thirds of Android smartphones vulnerable to spying
Data thieves zone in on tourists
Subscribe to our newsletter
I would be very interested to see a company like Cybernews carry out such an investigation into the likes of Avast, Norton, Kaspersky etc in fact all of the well known and trusted names.
Your email address will not be published. Required fields are marked