Millions of Android Devices Vulnerable to Network Scan Attack

  • 413
  •  
  •  
  •  
  •  
  •  
  •  
    413
    Shares

The Researchers have recently found hundreds of vulnerable apps on the Google Play Store that are allowing the hackers to inject with malicious code which, on downloading, steals all the data from the infected Android device.

This problem, according to these researchers [PDF] is some of apps are creating the open ports on the smartphones, this is not a new problem since the same issue is faced by many computers but this is something new when it comes to the smartphone technology.

A team from University of Michigan tried to use a custom tool to scan more than 24,000 applications, and nearly 410 of them are found to be flawed. These apps are downloaded​quite often so they are potentially millions of the Android devices which are now vulnerable.

Researchers also stated the following: – “The newly discovered exploits can lead to a very large number of very severe privacy and security breaches. For example, stealing sensitive data remotely like photos, contacts, and even security credentials and then performing some malicious actions like executing arbitrary code and then installing malware remotely.”

The biggest problem here lies with apps which are used for the file transfer between computers and smartphones through the WiFi. This flawed security is allowing for more than just the owner of the device to access the transfer and the devices themselves. Further, apps that allow services such as WiFi File Transfer, are estimated to have  downloads between 10 and 50 million times. When this Michigan team decided to scan their campus network to determine how many of the devices can be found in this flaw; just in 2 minutes they are able to find a number of vulnerable devices.

“To get an initial estimate on the impact of these vulnerabilities in the wild, we performed a port scanning in our campus network, and immediately found a number of mobile devices in 2 minutes which were potentially using these vulnerable apps,” according to the team.

The following two tabs change content below.
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
Avatar

Latest posts by Unallocated Author (see all)

Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Do NOT follow this link or you will be banned from the site!