Security exploit leaves millions of Android users at the mercy of cyber criminals


A new study has discovered that hundreds of apps available to download from the Google Play Store could be exposing Android users to cyber criminals.

The study, carried out by the University of Michigan, saw researchers use custom built software called OPAnalyzer to scan 24,000 apps.

Out of the apps scanned, 410 were found to allow attackers to steal users' private data and remotely install malware on their devices.

Some of the apps tested are very popular and have been downloaded millions of times.

Alarmingly, some even come preinstalled on Android devices.

The exploit is the result of what are known as unprotected open ports.

“An open port (or a listening port) is a communication endpoint for accepting incoming connections in computer networking model, typically used by server applications to handle requests from remote clients,” researchers explained.

“However, these ports can also be connected by malicious clients if not carefully protected, exposing potential vulnerability in the server software to remote exploitation.”

The 410 apps which were found to pose a risk to users all create open ports on the smartphones they are installed on.

“From the identified vulnerable usage, we discover 410 vulnerable applications with 956 potential exploits in total,” the researchers said.

“We manually confirmed the vulnerabilities for 57 applications, including popular ones with 10 to 50 million downloads on the official market, and also an app that is pre-installed on some device models.

“These vulnerabilities can be exploited to cause highly severe damage such as remotely stealing contacts, photos, and even security credentials, and also performing sensitive actions such as malware installation and malicious code execution.”

“These newly discovered exploits can lead to a large number of severe security and privacy breaches. For example, remotely stealing sensitive data such as contacts, photos, and even security credentials and performing malicious actions such as executing arbitrary code and installing malware remotely.”

The names of the affected apps have not yet been made public, but the researchers said they had contacted the app developers and reported their findings.

However, HackRead reports that the problem lies with apps such as WiFi File Transfer, which make it easy to transfer files from a smartphone to a computer over Wi-Fi.

This and similar apps let users connect to a port on their smartphone over Wi-Fi, but because access to that port is not adequately protected, connections are not limited to the owner's own device.
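As an added illustration (not part of the article or the researchers' OPAnalyzer tool), the following script shows how a defender can inventory which apps on an Android device are listening on ports reachable from the network. It parses the Linux /proc/net/tcp table (obtainable on a device with `adb shell cat /proc/net/tcp`) and flags sockets in LISTEN state that belong to an app uid and are bound to 0.0.0.0, meaning any host on the same Wi-Fi network can connect; the sample table below is constructed, not captured from a real device.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp format (not real device output).
# Row 0: an app (uid 10072) listening on port 8000 on all interfaces.
# Row 1: an app (uid 10105) listening on port 8080 on loopback only.
# Row 2: an established connection, not a listener.
# Row 3: a system service (uid 0) listening on port 22.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1F40 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10072        0 23456 1 0000000000000000 100 0 0 10 0
   1: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10105        0 23457 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F40 0100007F:C350 01 00000000:00000000 00:00000000 00000000 10072        0 23458 1 0000000000000000 20 4 30 10 -1
   3: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 23459 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A       # socket state code for LISTEN in /proc/net/tcp
FIRST_APP_UID = 10000   # Android assigns uids >= 10000 to installed apps


def decode_addr(hex_addr):
    """Turn 'AABBCCDD:PPPP' into ('a.b.c.d', port).

    The kernel prints the IPv4 address in host byte order, which on the
    little-endian ARM/x86 devices Android runs on means the octets appear
    reversed, so unpack as little-endian and re-pack for inet_ntoa.
    """
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(proc_net_tcp):
    """Return (ip, port, uid) for every socket currently in LISTEN state."""
    result = []
    for line in proc_net_tcp.splitlines()[1:]:   # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        if int(fields[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_addr(fields[1])
        uid = int(fields[7])
        result.append((ip, port, uid))
    return result


def exposed_app_ports(proc_net_tcp):
    """Listeners owned by an app uid and bound to all interfaces (0.0.0.0),
    i.e. reachable by any host on the same Wi-Fi network, not just the owner."""
    return [(ip, port, uid) for ip, port, uid in listening_sockets(proc_net_tcp)
            if uid >= FIRST_APP_UID and ip == "0.0.0.0"]


if __name__ == "__main__":
    for ip, port, uid in exposed_app_ports(SAMPLE_PROC_NET_TCP):
        print(f"uid {uid} listens on {ip}:{port} (network-reachable)")
```

A loopback-bound listener (127.0.0.1) is still reachable by other apps on the same device, so the loopback rows are worth reviewing too; the uid can be mapped back to a package with `adb shell pm list packages --uid <uid>`.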

WiFi File Transfer has been downloaded from the Google Play Store between 10 and 50 million times.