Are cracked applications really free? An empirical analysis on Android devices
This research addresses security risks for Android users who download cracked apps, highlighting incremental findings on resource usage and permission patterns.
The study analyzed 25 cracked Android applications from third-party stores compared to official versions, finding that cracked apps on average use more system resources and request more dangerous permissions, indicating potential malicious intent.
Android is among the popular platforms running on millions of smart devices, like smartphones and tablets, whose widespread adoption is seen as an opportunity for spreading malware. Adding malicious payloads to cracked applications, often popular ones, downloaded from untrusted third markets is a prevalent way for achieving the aforementioned goal. In this paper, we compare 25 applications from the official and third-party application stores delivering cracked applications. The behavioral analysis of applications is carried out on three real devices equipped with different Android versions by using five indicators: requested permissions, CPU usage, RAM usage and the number of opened ports for TCP and HTTP. Based on these indicators, we compute an application intention score and classify cracked applications as malicious or benign. The experimental results show that cracked applications utilize on average more resources and request access to more (dangerous) permissions than their official counterparts.