Malicious Android Apps Can Steal Information From Other Apps

Nancy Anderson
Posted by in Technology


Ninety-nine percent of all malicious apps target devices running the Android operating system, according to a report published in 2013 by cybersecurity firm Kaspersky Labs. Backdoors, a class of malware that surreptitiously installs harmful software and steals confidential data from other apps, made up a significant proportion of these threats. The report has further stoked fears that the safeguards designed to prevent unauthorized sharing of data between apps are being increasingly circumvented by criminals.

Designers of malicious apps are partly aided by undisclosed or unforeseen weaknesses in operating systems. For instance, a paper presented on Aug. 13, 2014 at the USENIX Security Conference revealed an information-sharing flaw that allows hackers to infer the state of a targeted app by secretly studying its user interface. Using this technique, cyber criminals can design malicious programs that take photos every time the camera is active without the user knowing. As proof, the researchers shared a video showing a malicious app they had designed using the approach to steal credit card information from a browser app and even copy the photo of a cheque taken by an e-banking program. Keyloggers, applications that record keystrokes, can also exploit this and other techniques to steal data.

Some apps, while legal, are regarded as borderline malicious. One example is the controversial Carrier IQ application. Marketed as an analytics program that can help carriers improve their services, it is derided by critics as spyware because it gathers data from other smartphone apps without the consent or knowledge of the user. Its operations were first brought to light in 2011 by Trevor Eckhart, a security researcher who went on to share a video showing the application gathering data even with his device in airplane mode and connected to a Wi-Fi network, at which point it should have stopped. It never appears on the list of running processes, and it cannot be stopped. Analysts point to these and other incidents as proof that, despite efforts to the contrary, malicious apps can illegally access data from other smartphone programs.

Thankfully, Google, its partners and cybersecurity experts have not sat idly by as malicious apps seek to wreak havoc in the Android ecosystem. The company has a service known as Bouncer that automatically checks all applications for spyware and suspicious behavior before they are uploaded to the Play Store, its app repository. The company regularly scans apps, even those from third-party stores, after download and installation in user's devices. Bouncer has been relatively successful, and the service is praised by many security analysts. In addition, Google keeps track of programmers' accounts and blocks those who consistently develop malicious apps.

Researchers have proved beyond doubt that malicious programs can exploit weaknesses in Android or circumvent safeguards to access data from other apps. However, Google's responses (introducing services such as Bouncer, patching security holes and iterating Android regularly, among others) have earned it praise from security analysts, who believe that such unwavering diligence is needed to protect the popular mobile operating system from the plethora of malicious apps that have made it their target.

 

Photo courtesy of jscreationzs at FreeDigitalPhotos.net


 

Comment

Become a member to take advantage of more features, like commenting and voting.

Jobs to Watch