As of this past July, there were more than a million apps in the Google Play Store. Now, a new survey from Bitdefender Antivirus Software has revealed that approximately 1.2% of those apps are copies of other apps in the store, or “thief-ware.”
The Bitdefender research analyzed 420,646 of the available apps in the Google Play store, and found that 5,077 of them were repackaged thief-ware. The survey defines a copied app as sharing more than 90% of the original code, not including the legal-to-copy library code.
In most cases, the 2,140 copycat developers that were found reassembled the apps almost identically, adding new advertising SDKs to siphon profits away from the original developers. The most frequently used ad SDKs, according to the study, are Airpush, Apperhand, InMobi, LeadBolt and Jumptap.
Another piggybacking tactic is to repackage the apps so that they collect more user information, such as location, device ID, contacts or call history. Amended APKs may even gain permission to send texts or access social networks.
“By design, Android applications can be disassembled, modified and reassembled to provide new functionalities. This way an attacker can easily rip an APK off the Play Store, turn it into program code, modify it and distribute it as its own,” Bitdefender communications specialist Loredana Botezatu explained in a blog post.
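The survey's criteria (more than 90% of the original's non-library code shared, plus added ad SDKs and added permissions) can be turned into a simple triage check. The following Python is an added example, not Bitdefender's method or code; the class-to-bytecode mapping, the library package prefixes and the sample apps are constructed assumptions standing in for parsed APK contents.

```python
import hashlib

# Ad SDK package prefixes named in the Bitdefender study.
AD_SDK_PACKAGES = ("com.airpush.", "com.apperhand.", "com.inmobi.", "com.leadbolt.", "com.jumptap.")
# Library code excluded from the similarity measure (assumed prefixes; a real tool
# would use a curated allow-list of common libraries).
LIBRARY_PREFIXES = ("android.", "com.google.", "org.apache.") + AD_SDK_PACKAGES

def is_library(class_name):
    return class_name.startswith(LIBRARY_PREFIXES)

def own_code_hashes(classes):
    """Content hashes of the app's own (non-library) classes.

    `classes` maps a dex class name to its normalized bytecode (assumed input);
    hashing the body rather than the name survives simple class renaming."""
    return {hashlib.sha256(body).hexdigest()
            for name, body in classes.items() if not is_library(name)}

def shared_code_fraction(original, candidate):
    """Fraction of the original's own classes that appear unchanged in the candidate."""
    orig = own_code_hashes(original)
    if not orig:
        return 0.0
    return len(orig & own_code_hashes(candidate)) / len(orig)

def added_ad_sdks(original, candidate):
    def sdks(classes):
        return {p.rstrip(".") for p in AD_SDK_PACKAGES for name in classes if name.startswith(p)}
    return sdks(candidate) - sdks(original)

def assess(original, candidate, original_perms, candidate_perms, threshold=0.90):
    shared = shared_code_fraction(original, candidate)
    return {
        "shared_code": round(shared, 3),
        "repackaged": shared > threshold,          # the survey's "more than 90%" rule
        "added_ad_sdks": added_ad_sdks(original, candidate),
        "added_permissions": set(candidate_perms) - set(original_perms),
    }

# Constructed sample data: a 20-class game and a copy that keeps 19 classes unchanged,
# patches one, bolts on an ad SDK and requests two extra permissions.
ORIGINAL = {f"com.example.game.Level{i}": f"level {i} bytecode".encode() for i in range(20)}
ORIGINAL["android.support.v4.Fragment"] = b"support lib"
COPY = {f"com.copycat.game.Level{i}": f"level {i} bytecode".encode() for i in range(19)}
COPY["com.copycat.game.Level19"] = b"patched"
COPY["com.airpush.android.PushService"] = b"airpush sdk"
COPY["android.support.v4.Fragment"] = b"support lib"
ORIGINAL_PERMS = {"android.permission.INTERNET"}
COPY_PERMS = ORIGINAL_PERMS | {"android.permission.READ_CONTACTS", "android.permission.SEND_SMS"}

if __name__ == "__main__":
    print(assess(ORIGINAL, COPY, ORIGINAL_PERMS, COPY_PERMS))
```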
Figure (chart from the Bitdefender survey): percentages of added permissions in repackaged app copies.
While the total lost developer revenue is hard to calculate, the survey included an example case study of the Vector Unit game, Riptide G2. Originally costing US$3, the app at one time had four thief-ware copies in the Google Play Store that may have lost Vector Unit between $6,200 and $31,000 in revenue depending on the number of installs.
The free, plagiarized thief-ware apps also receive no updates or support from the original developers of the paid versions.
“Instead of spending thousands or hundreds of thousands of dollars developing, testing and marketing a great application to monetize,” Botezatu wrote, “plagiarists take the road that is less time-costly and less resource intensive by simply hijacking a successful application at the original developer’s expenses.”