- Apr 25, 2013
- 5,355
If you're an Android user you may already have been tempted to don your tin hat and descend to your bunker following today's earlier story about app hacking. Prepare to settle in for a long seige then as new research reveals that many of the most popular Android apps have SSL vulnerabilities that leave them open to man in the middle (MITM) attacks aimed at stealing personal information.
According to threat protection specialist FireEye a significant proportion of apps allow an attacker to intercept data exchanged between the Android device and a remote server.
A MITM attacker may simply "listen in" to data as it's transmitted, replace or modify it to inject malicious content into an app, or redirect traffic to a new application.
FireEye has looked at the 1,000 most downloaded apps in the Play store and found that around 68 percent have one of three major SSL vulnerabilities leaving them open to MITM attacks.
Of 614 apps that used SSL/TLS to communicate with a remote server, 73 percent didn't check certificates. Eight percent failed to verify the hostnames of servers making redirection possible, and of 285 apps using WebKit, 77 percent ignored SSL errors which could allow the exploit of Javascript vulnerabilities.
The company suggests that users can help protect themselves, "...by not accessing websites that require user login credentials when using public wi-fi networks. This in itself, with general vigilance in opening emails from unknown sources, will go a long way in protecting sensitive information from MITM attacks".
You can read more details of the research, which includes case studies of individual apps, on the FireEye blog. You might also want to sign up to beta test the latest Sophos security solution for Android.
According to threat protection specialist FireEye a significant proportion of apps allow an attacker to intercept data exchanged between the Android device and a remote server.
A MITM attacker may simply "listen in" to data as it's transmitted, replace or modify it to inject malicious content into an app, or redirect traffic to a new application.
FireEye has looked at the 1,000 most downloaded apps in the Play store and found that around 68 percent have one of three major SSL vulnerabilities leaving them open to MITM attacks.
Of 614 apps that used SSL/TLS to communicate with a remote server, 73 percent didn't check certificates. Eight percent failed to verify the hostnames of servers making redirection possible, and of 285 apps using WebKit, 77 percent ignored SSL errors which could allow the exploit of Javascript vulnerabilities.
The company suggests that users can help protect themselves, "...by not accessing websites that require user login credentials when using public wi-fi networks. This in itself, with general vigilance in opening emails from unknown sources, will go a long way in protecting sensitive information from MITM attacks".
You can read more details of the research, which includes case studies of individual apps, on the FireEye blog. You might also want to sign up to beta test the latest Sophos security solution for Android.
