About 40% of Android apps ask for excessive permissions for location information access, while 33% require personal information be supplied to access the app. Service charging excesses were a distant 8.4%, and none of the apps appeared to require excessive service information data, according to AhnLab's analysis.
To determine whether Android apps required excessive permissions, AhnLab analyzed 178 apps using its cloud-based application analysis platform, which verifies the security of Android apps.
The platform scanned apps for five different types of permissions: personal information access, service information access, location information access, service charging, and device information access. In this analysis, the degree of risk was marked on a scale from 1 to 100 by each type of permission, and the apps that scored 60 and above were classified as malicious.
“As many users select Android-based smartphones, the number of malicious codes which target personal information or payment information is also increasing”, said HoWoong Lee, director of AhnLab Security E-response Center. “This kind of malicious behavior can be even more dangerous when it comes to stealing banking data. It is very hard for the victims to notice the malicious behavior as it is run behind the normal application”, he explained.