HindustanTimes Fri,19 Dec 2014


Some android apps vulnerable to data theft attacks
October 23, 2012
First Published: 17:54 IST(23/10/2012)
Last Updated: 18:08 IST(23/10/2012)
Android mascots are lined up in the demonstration area at the Google I/O Developers Conference in the Moscone Center in San Francisco, California. Credit: Reuters/Beck Diefenbach

Up to 185 million Android users could be putting their personal data at risk, according to researchers at the University of Leibniz and University of Marburg, Germany. Following an analysis of the top 13,500 apps currently available on the Google Play store, they discovered 41 that are vulnerable to SSL certificates attacks that could yield users' details.

Armed with a pretend wi-fi hot spot and the right software, the researchers were able to capture details including logins for email and other accounts and bank details and insert their own malware, which gave them control of the app and the data it gathered and shared. The researchers have not revealed the names of the apps in question.

As these apps are most vulnerable when used in conjunction with a non-secure connection, authors of the study followed up their findings with a survey of 745 subjects to see if they understood the risks of using a public -- i.e. unsecured or unprotected -- internet connection, such as a public wi-fi hotspot. The survey found that while most respondents believed that they were quite tech savvy, 47.5% of subjects who did not work in IT were unable to tell when a connection was secure or insecure.

comment Note: By posting your comments here you agree to the terms and conditions of
blog comments powered by Disqus
Copyright © 2014 HT Media Limited. All Rights Reserved