You might have installed quite a few applications on your smartphones. You are quite positive about the fact that you and your data (especially emails) are secured, but a group of researchers from California have something else to say. Furthermore, you own a high-end smartphone, which is also added to the sense of security. But your smartphone, is probably under much risk than you can imagine or expect. The fact was revealed when six computer scientists were working on a project under University of California Riverside. According to the claims of the group of six, they seem to have found a way to hack into seven extremely popular applications with a high success rate.
According to the group of the researchers, the back door to the information could potentially lead to severe circumstances in case of individual matters. On the other hand, the group also feared that this weakness can also be sued to extract vital information from the users’ data without any hassle.
Zhiyun Qian, who is one of the authors has said that the development of Android tools is done on a lot of assumptions. The scenario might be the same for iOS and Windows Phone operating system too. The assumption among the masses in this case is that no application interfere with the working of another application. This is where the trouble creeps up.
“The assumption has always been that these apps can’t interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user… By design, Android allows apps to be preempted or hijacked. But the thing is you have to do it at the right time, so the user doesn’t notice. We do that and that’s what makes our attack unique.
As a part of testing their findings, the group of researchers tried to hack into the Gmail account of any random individual. They were able to enter the system with a success rate of approximately 92%. The research team has shown no intention of earning money from their findings. All they plan to do is submit this as their research work. They have also advised the developers to create a better mesh of security and have asked the users to abstain from installing applications without a certificate.
- Know who tried to access your Gmail and how to prevent hacks.
- Google vows to stop scanning student Gmail accounts for ads.
- Hacking group wishes to aid automobile industry against cyber threats.
The paper, “Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks,” will be presented Friday, Aug. 22 at the 23rd USENIX Security Symposium in San Diego.
[ Source ]