LLM App Squatting and Cloning
This addresses impersonation threats in LLM app stores, which can deceive users and compromise ecosystem integrity, representing an incremental application of known mobile app security issues to a new domain.
The study conducted the first large-scale analysis of LLM app squatting and cloning, finding over 5,000 squatting apps and 9,575 cloning cases across platforms, with 18.7% of squatting apps and 4.9% of cloning apps exhibiting malicious behavior.
Impersonation tactics, such as app squatting and app cloning, have posed longstanding challenges in mobile app stores, where malicious actors exploit the names and reputations of popular apps to deceive users. With the rapid growth of Large Language Model (LLM) stores like GPT Store and FlowGPT, these issues have similarly surfaced, threatening the integrity of the LLM app ecosystem. In this study, we present the first large-scale analysis of LLM app squatting and cloning using our custom-built tool, LLMappCrazy. LLMappCrazy covers 14 squatting generation techniques and integrates Levenshtein distance and BERT-based semantic analysis to detect cloning by analyzing app functional similarities. Using this tool, we generated variations of the top 1000 app names and found over 5,000 squatting apps in the dataset. Additionally, we observed 3,509 squatting apps and 9,575 cloning cases across six major platforms. After sampling, we find that 18.7% of the squatting apps and 4.9% of the cloning apps exhibited malicious behavior, including phishing, malware distribution, fake content dissemination, and aggressive ad injection.