Wednesday, October 24, 2012

Android apps leaking private data are putting millions of smartphone users at risk of identity theft, study warns

  • Eight per cent of apps on the Google platform found to be vulnerable
  • Hackers can even use the data to seize control of phones' cameras

By Daniel Bates

|


Android privacy fears: The researchers used a Samsung Galaxy Nexus smartphone running the Android 4.0 Ice Cream Sandwich operating system

Android privacy fears: The researchers used a Samsung Galaxy Nexus smartphone running the Android 4.0 Ice Cream Sandwich operating system

Millions of Android users around the world could be at risk because the apps they use are leaking personal information, according to a study.

Researchers found that 8 per cent of apps on the Google mobile operating system were vulnerable - meaning bank account and credit card information can be stolen.

Hackers can also easily steal users’ Facebook accounts and even seize control of their webcams to spy on them.

The disturbing findings once again highlight the dangers users face by handing over personal data online to companies which have a questionable record on privacy.

The researchers tested almost 13,500 free apps from the Google Play Store and found that 1,074, nearly 8 per cent, had coding which was not adequate.

Of the 1,074 they tested 100 and found that they could hack into 41, which are used by 39.5million people around the world.

The German scientists at the Leibniz University of Hannover and the Philipps University of Marburg, carried the test out using a fake Wi-Fi hot spot which lured in users.

Among the other details they captured were emails and access to corporate networks.

According to the Sydney Morning Herald, the researchers used a Samsung Galaxy Nexus smartphone running the Android 4.0 Ice Cream Sandwich operating system.

The researchers said in their report: ‘We could gather bank account information, payment credentials for PayPal, American Express and others.

‘Facebook, email and Cloud storage credentials and messages were leaked, access to IP cameras was gained and control channels for apps and remote servers could be subverted.’

 ‘Facebook, email and Cloud storage credentials and messages were leaked, access to IP cameras was gained and control channels for apps and remote servers could be subverted’

Paul Ducklin of the security firm Sophos said: ‘The barrier of entry to an application that is either badly written or even dodgily written seems to be quite low.

‘You can occasionally stumble across stuff which really shouldn't be in the Play Store.’

MailOnline has asked Google for a comment.

VIDEO: Android Malware - spread by Facebook App:

Paula Prentis Alicia Silverstone

No comments:

Post a Comment