Demystifying Illegal Mobile Gambling Apps

Mobile gambling app, as a new type of online gambling service emerging in the mobile era, has become one of the most popular and lucrative underground businesses in the mobile app ecosystem. Since its born, mobile gambling app has received strict regulations from both government authorities and app markets. However, to the best of our knowledge, mobile gambling apps have not been investigated by our research community. In this paper, we take the first step to fill the void. Specifically, we first perform a 5-month dataset collection process to harvest illegal gambling apps in China, where mobile gambling apps are outlawed. We have collected 3,366 unique gambling apps with 5,344 different versions. We then characterize the gambling apps from various perspectives including app distribution channels, network infrastructure, malicious behaviors, abused third-party and payment services. Our work has revealed a number of covert distribution channels, the unique characteristics of gambling apps, and the abused fourth-party payment services. At last, we further propose a “guilt-by-association” expansion method to identify new suspicious gambling services, which help us further identify over 140K suspicious gambling domains and over 57K gambling app candidates. Our study demonstrates the urgency for detecting and regulating illegal gambling apps.

[1]  Li Li,et al.  Dating with Scambots: Understanding the Ecosystem of Fraudulent Dating Applications , 2018, IEEE Transactions on Dependable and Secure Computing.

[2]  Jacques Klein,et al.  FraudDroid: automated ad fraud detection for Android apps , 2017, ESEC/SIGSOFT FSE.

[3]  Bogdan Carbunar,et al.  The Art and Craft of Fraudulent App Promotion in Google Play , 2019, CCS.

[4]  Haoyu Wang,et al.  LibRadar: Fast and Accurate Detection of Third-Party Libraries in Android Apps , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C).

[5]  Yuanchun Li,et al.  DroidBot: A Lightweight UI-Guided Test Input Generator for Android , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[6]  Olga Gadyatskaya,et al.  Evaluation of Resource-Based App Repackaging Detection in Android , 2016, NordSec.

[7]  Li Li,et al.  How do Mobile Apps Violate the Behavioral Policy of Advertisement Libraries? , 2018, HotMobile '18.

[8]  Norman M. Sadeh,et al.  Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing , 2012, UbiComp.

[9]  Nicolas Christin,et al.  Evading android runtime analysis via sandbox detection , 2014, AsiaCCS.

[10]  Jacques Klein,et al.  MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps , 2020, WWW.

[11]  Haoyu Wang,et al.  Identifying and Analyzing the Privacy of Apps for Kids , 2016, HotMobile.

[12]  Jason Nieh,et al.  A measurement study of google play , 2014, SIGMETRICS '14.

[13]  Xiapu Luo,et al.  Beyond the Virus: A First Look at Coronavirus-themed Mobile Malware , 2020, ArXiv.

[14]  Jie Liu,et al.  DECAF: Detecting and Characterizing Ad Fraud in Mobile Apps , 2014, NSDI.

[15]  Hui Liu,et al.  Vulnerability Assessment of OAuth Implementations in Android Applications , 2015, ACSAC 2015.

[16]  Hao Li,et al.  RmvDroid: Towards A Reliable Android Malware Dataset with App Metadata , 2019, 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR).

[17]  Haoyu Wang,et al.  An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective , 2017, WWW.

[18]  Hao Li,et al.  Understanding the Evolution of Mobile App Ecosystems: A Longitudinal Measurement Study of Google Play , 2019, WWW.

[19]  G. Brooks Online gambling and money laundering: “views from the inside” , 2012 .

[20]  Ryan Stevens,et al.  MAdFraud: investigating ad fraud in android applications , 2014, MobiSys.

[21]  Jacques Klein,et al.  An Investigation into the Use of Common Libraries in Android Apps , 2015, 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER).

[22]  Haoyu Wang,et al.  WuKong: a scalable and accurate two-phase approach to Android app clone detection , 2015, ISSTA.

[23]  Narseo Vallina-Rodriguez,et al.  An Analysis of Pre-installed Android Software , 2019, 2020 IEEE Symposium on Security and Privacy (SP).

[24]  Haoyu Wang,et al.  Understanding Third-Party Libraries in Mobile App Analysis , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[25]  Guozhu Meng,et al.  Characterizing Android App Signing Issues , 2019, 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[26]  Yao Guo,et al.  DaPanda: Detecting Aggressive Push Notifications in Android Apps , 2019, 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[27]  Narseo Vallina-Rodriguez,et al.  Beyond Google Play: A Large-Scale Comparative Study of Chinese Android App Markets , 2018, Internet Measurement Conference.

[28]  Evangelos P. Markatos,et al.  Measurement, Modeling, and Analysis of the Mobile App Ecosystem , 2017, ACM Trans. Model. Perform. Evaluation Comput. Syst..

[29]  Haining Wang,et al.  Casino royale: a deep exploration of illegal online gambling , 2019, ACSAC.

[30]  Alex Blaszczynski Online gambling and crime: causes, controls and controversies , 2015 .

[31]  Narseo Vallina-Rodriguez,et al.  Understanding Incentivized Mobile App Installs on Google Play Store , 2020, Internet Measurement Conference.

[32]  Jin Song Dong,et al.  LightSense: A Novel Side Channel for Zero-permission Mobile User Tracking , 2019, ISC.

[33]  Tao Xie,et al.  WHYPER: Towards Automating Risk Assessment of Mobile Applications , 2013, USENIX Security Symposium.

[34]  Lei Wu,et al.  Mobile App Squatting , 2020, WWW.

[35]  Yajin Zhou,et al.  Demystifying Diehard Android Apps , 2020, 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[36]  Haoyu Wang,et al.  Understanding the Purpose of Permission Use in Mobile Apps , 2017, ACM Trans. Inf. Syst..

[37]  Haoyu Wang,et al.  All your app links are belong to us: understanding the threats of instant apps based attacks , 2020, ESEC/SIGSOFT FSE.

[38]  Li Li,et al.  Automated Third-Party Library Detection for Android Applications: Are We There Yet? , 2020, 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[39]  Li Li,et al.  Want to Earn a Few Extra Bucks? A First Look at Money-Making Apps , 2019, 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[40]  Fengyuan Xu,et al.  DeepIntent: Deep Icon-Behavior Learning for Detecting Intention-Behavior Discrepancy in Mobile Apps , 2019, CCS.

[41]  Muttukrishnan Rajarajan,et al.  Android Security: A Survey of Issues, Malware Penetration, and Defenses , 2015, IEEE Communications Surveys & Tutorials.

[42]  Sancheng Peng,et al.  Smartphone Malware and Its Propagation Modeling: A Survey , 2014, IEEE Communications Surveys & Tutorials.

[43]  Li Li,et al.  Why are Android Apps Removed From Google Play? A Large-Scale Empirical Study , 2018, 2018 IEEE/ACM 15th International Conference on Mining Software Repositories (MSR).

[44]  G. Antonopoulos,et al.  Organized crime and illegal gambling: How do illegal gambling enterprises respond to the challenges posed by their illegality in China? , 2016 .

[45]  Tao Xie,et al.  A Study of Grayware on Google Play , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[46]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[47]  Zhou Li,et al.  The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO , 2016, USENIX Security Symposium.

[48]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.