Google Play Store is the premier marketplace for free and paid Android apps. It streamlines browsing, downloading, and installing apps, which makes smartphones easier to use. However, it’s not the only marketplace for getting Android apps. There are many third-party marketplaces out there.
Some marketplaces offer open source, free, or specialized apps while others may host pirated or cracked apps. With a simple Google search, you can easily get paid apps and games for free. A novice user can sideload these apps without understanding the consequences. In this article, we tell you why you should be cautious while downloading Android apps from random websites.
Need for Third-Party Android Marketplaces
Google has improved its app store in the past few months, but sometimes you may need apps from third-party marketplaces. There are valid reasons for the existence of these alternative stores, and while they may not offer all the functionality you want, they come in handy when needed. Apps hosted in these third-party marketplaces fall under the following categories:
- The first category includes apps that are also available in the Google Play Store. App developers may choose to submit their apps to both official and alternative marketplaces to reach more users.
- The second category contains apps only available from the third-party marketplaces. App developers may create apps that target specific customers (e.g., in their own regions, countries, or languages).
- The third category contains apps that are free and open-source (FOSS). For instance, F-Droid is a catalog of FOSS apps for the Android platform. The F-Droid client app makes it easy to browse, install, and keep track of updates on your device.
- The fourth category contains apps that are not available in your country due to geo-restrictions, as well as older versions of popular apps. The latter can help you roll back a particular app to an earlier version if the new one starts crashing or removes features you use frequently.
As you can see from the above list, third-party marketplaces exist for valid reasons. Unfortunately, not all marketplaces are the same. To make money, some marketplaces offer pirated Android apps and games for free or, worse, repackage popular apps with malicious code to infect Android devices. Google has no policies governing these third-party marketplaces, nor does it endorse them.
Risks in Downloading Apps from Random Websites
A recent study by Trend Micro has shown that malicious apps are common in third-party marketplaces. The most notable trait of these malicious apps (detected as ANDROIDOS_LIBSKIN.A) is their ability to root the device. Once an app gains root privileges, it can do anything with your device: install apps without your knowledge, steal your personal data, or steal banking credentials.
A report by Ars Technica has also shown that some apps available in third-party marketplaces have the capability to root your phone. When you install an infected app, it sends your data to a remote server, which in turn downloads a number of rootkits that take advantage of exploits for Android KitKat and Lollipop. The rooted device then installs apps which in turn steal the authentication tokens of your Google account.
Cheetah Mobile Security Lab took samples from several third-party marketplaces and found some interesting facts. Most of these apps contain malicious code hidden within the popular apps and games. Among them, adware accounts for 39%, and high-risk malware for 0.08%.
Although there are more reports out there, these studies prove that the majority of malware comes from outside the Google Play Store. The malware is distributed in multiple ways: disguised as a pirated app, as a legitimate app repackaged with malicious code, through a drive-by download attack, and more.
Repackaged Legitimate Apps
Repackaging is the worst form of attack, because malware authors usually enclose malicious code in popular apps and distribute them in third-party marketplaces. Repackaged apps rely on social engineering, displaying the same user interface, icon, and app label as the original to trick users. Your device becomes vulnerable simply by downloading and installing these infected apps.
According to this article from Trend Micro, most of these repackaged apps replace in-app advertisements or embed new ones to steal or re-route ad revenue, resulting in a financial loss for the original developers and harm to users.
A repackaged app with malicious code can perform a variety of malicious activities, such as switching on the GPS without user consent to get an accurate location, sending SMS messages to premium-rate numbers, rooting the phone to gain full administrator privileges, downloading additional apps from the Internet, or even registering the compromised phone as a bot.
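A defender-side check for the repackaging described above, as an added example that is not part of the original article: it compares a sideloaded APK's signing certificate and requested permissions with a baseline recorded from the official-store copy. The package name, digests, and baseline are constructed placeholders; the certificate text follows the output format of apksigner verify --print-certs.

```python
import re

# Constructed baseline: signer digest and permissions recorded from a copy of
# the app obtained from the official store (all values are placeholders).
BASELINE = {
    "com.example.launcher": {
        "signer_sha256": "a1" * 32,
        "permissions": {"android.permission.INTERNET"},
    }
}

# Permissions matching the behaviours the article lists for repackaged apps
# (location access, SMS sending, installing further apps).
HIGH_RISK = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.SEND_SMS",
    "android.permission.REQUEST_INSTALL_PACKAGES",
}

DIGEST_RE = re.compile(
    r"^Signer #\d+ certificate SHA-256 digest: ([0-9a-fA-F]{64})$", re.M)

def signer_digests(print_certs_output):
    """Extract signer digests from `apksigner verify --print-certs` text."""
    return {d.lower() for d in DIGEST_RE.findall(print_certs_output)}

def review_apk(package, print_certs_output, permissions):
    """Return findings for a sideloaded APK; an empty list matches the baseline."""
    base = BASELINE.get(package)
    if base is None:
        return ["no baseline for package; cannot verify origin"]
    findings = []
    digests = signer_digests(print_certs_output)
    if not digests:
        findings.append("no signer certificate found")
    elif digests != {base["signer_sha256"]}:
        # Same package name and UI, different signing key: the repackaging tell.
        findings.append("signer differs from baseline (possible repackaging)")
    for perm in sorted(set(permissions) - base["permissions"]):
        level = "high-risk" if perm in HIGH_RISK else "new"
        findings.append(f"{level} permission not in baseline: {perm}")
    return findings

# Constructed samples: same package name, one genuine and one re-signed copy.
GENUINE = "Signer #1 certificate SHA-256 digest: " + "a1" * 32 + "\n"
RESIGNED = "Signer #1 certificate SHA-256 digest: " + "ff" * 32 + "\n"
```

A repackaged app can copy the icon, label, and package name, but it cannot be signed with the original developer's private key, so the signer digest is the field to pin.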
Drive-by Download Attack
In a drive-by download attack, when a user taps an in-app advertisement link, it redirects the user to a malicious website offering an app that claims to be a universal video downloader or a battery analyzer. This fake app uses a legitimate icon and a familiar interface to trick users, thereby gaining permission to access your device storage, phone identity, location, contacts, and IP address.
Beware of malicious apps on Android
Android’s open-source status makes it easily accessible to people and developers as a whole, but also leaves the door open for malicious apps. Google carefully monitors the Store, and updates it, as and when needed. Rotten apps do slip through on occasion, but Google is fairly quick at removing anything problematic. If you want an app, do a search on Play Store, instead of using a Google Search (you may easily get a pirated app for free and if you don’t believe it, just search for Nova Launcher Prime APK). So, to sum things up, it’s always best to only install apps from the Play Store.
Well, those were our thoughts on why you should never download Android apps from random sources. What do you think? Let us know your thoughts in the comments section below.