In a study conducted by the researchers at Germany’s Leibniz University, nearly 13,500 which is 8 percent of famous Android apps can be tricked into leaking user’s personal data.
BBC News reports that at least 183 million app users are at high risk of personal identity theft including emails, social media passwords and confidential bank details because the tested Android apps failed to secure and scramble the attack, making it easier for the attacker to gain access of the private data.
The attackers have created a fake wi-fi hotspot and using a specially created attack tool to spy on the data the apps sent via that route, the researchers were able to:
- Access the login information such as emails, social media passwords, notes and online bank accounts.
- Disable anti-virus or any installed security program or even fooling the user into labeling secure apps as infected
- Inject computer code into the data stream that made apps carry out specific commands
The risk is so high that an attacker could even use the app to request money transfer that seemed legit without the knowledge of the user.
The alarming situation is that users are addicted to these fancy apps, which have been downloaded millions of time, according to the researchers.
The researchers tested some most famous and used apps in Google’s Play store, however there hasn’t been any statement by Google over the research and its results.
In past I wrote about securing your Android phones by using the right security programs at the right time, you can go through the article once again here, download & install the correct solution.
Happy Androiding and safe browsing.