Researchers Identify 44 Trackers in More Than 300 Android Apps (twitter, spotify, uber affected)

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A collaborative effort between the Yale Privacy Lab and Exodus Privacy has shed light on dozens of invasive trackers that are embedded within Android applications and record user activity, sometimes without user consent.

The results of this study, published last week, come to show that the practice of collecting user data via third-party tracking code has become rampant among Android app developers and is now on par with what's happening on most of today's popular websites.

The two investigative teams found tracking scripts not only in lesser known Android applications, where one might expect app developers to use such practices to monetize their small userbases, but also inside highly popular apps —such as Uber, Twitter, Tinder, Soundcloud, or Spotify.

New website shows which popular apps are using trackers
The Yale and Exodus investigation resulted in the creation of a dedicated website that now lists all apps using tracking code and a list of trackers, used by these apps.

The site lists the trackers used by each app, and what details does each tracker collect, along with information on the tracker's privacy policy, ownership, and other related links and information.

In total, researchers said they identified 44 trackers embedded in over 300 Android apps. Overall, three-quarters of the 300+ apps Exodus analyzed contained at least one tracking component, with Google's CrashLytics and DoubleClick being the most popular trackers.

Problem most likely affects iOS as well

In addition, Yale and Exodus researchers also point out that most of these tracking providers also provide homolog iOS components, which means the problem most likely affects iOS apps as well.


Exodus released signatures for each tracker, so mobile security vendors can embed them in their security scanners and detect apps that use any of these services.


More details are available on the Exodus project website and Yale Privacy Lab's GitHub repository. Research on this topic will continue.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top