, , , ,

Millions of Android Devices Vulnerable to Network Scan Attack

It’s just another day and just another threat against Android users

Researchers have recently discovered hundreds of vulnerable apps on Google Play Store which are allowing hackers to inject them with malicious code which, upon downloading, steal all data from an infected Android device.

The problem, according to the researchers [PDF] is that some of the apps are creating open ports on smartphones, which is not a new problem since the same issue was faced by computers but it is something new when it comes to smartphone technology.

A team from the University of Michigan has tried to use a custom tool for scanning more than 24,000 applications, and 410 of them were found to be flawed. At least one of those apps has been downloaded so many times that there are potentially millions of Android devices which are vulnerable.

Researchers also stated: – “These newly discovered exploits can lead to a large number of severe security and privacy breaches. For example, remotely stealing sensitive data such as contacts, photos, and even security credentials and performing malicious actions such as executing arbitrary code and installing malware remotely.”

The biggest problem lies with the apps that are used for file transfer between smartphones and computers via WiFi. The flawed security is allowing more than just the devices’ owner to access the transfer and the devices themselves. Furthermore, apps which allow services like WiFi File Transfer, are estimated to have been downloaded between 10 and 50 million times. When the Michigan team decided to scan the campus network to determine how many devices can be found in this flaw; after only 2 minutes they were able to discover a number of vulnerable devices.

“To get an initial estimate on the impact of these vulnerabilities in the wild, we performed a port scanning in our campus network, and immediately found a number of mobile devices in 2 minutes which were potentially using these vulnerable apps,” according to the team.

Moreover, it was found that 57 of the 410 apps are truly vulnerable and they have even demonstrated how the attacks work by explaining that the “app opens ports by default and no client authentication or incoming connection notifications are engaged, which put the device user in severe danger.”

Basically, the apps are leaving open doors for any malicious code and not many of those would miss such an invitation. Google is yet to comment on the current situation. So far, the only way to fix this problem would be to uninstall these apps and this should not be difficult. However, this is something that should be fixed ASAP to avoid further problems.

Written by Bianca Gerber

Bianca Gerber is a journalist who is working for the country’s largest newspaper. She has a keen interest in reporting on activism and hacktivism.
She is also a contributor at EU based Revolution News media. Bianca reports and writes for Cyber-USA on IT security related topics.

Leave a Reply

Your email address will not be published. Required fields are marked *