2020-04-07

Xiaomist Inc.

Backdoors have been detected in several thousand Android applications

Cyber ​​security specialists have re-examined applications available for the Android mobile system for backdoors and other hidden functions. Red flags were detected in more than 12 thousand application.

The study was conducted by scientists from the University of Ohio, New York University and CISPA Helmholtz Center for Information Security. Experts have scanned 100,000 most downloaded applications from Google Play, 20,000 applications from alternative stores and 30,000 applications pre-installed on Samsung devices.

Android applications with a hidden backdoor

A new InputScope tool was used to detect hidden functions, including backdoors, which analyzes the automatic behavior of the application in response to user input. The tool turned out to be so effective that with its use, researchers were able to detect as many as 12.7 thousand. applications that contain undocumented features, many of which allowed unauthorized access to your user account.

It's about o service modes, hidden options and master passwords about which the user is not informed during the application installation on his phone. The most discoveries of this type, as many as 6,800, were made in applications available in the Google Play Store. What's more, we're often talking about programs with millions of downloads.

The most common backdoor were access keys hidden in the application, which the user does not learn about during installation (7584 applications). Another problem is hidden functions that allow access to the application and its permissions, which were found in 6013 programs. Hidden master passwords (so-called master passwords) were found in 501 applications.

This does not mean that all applications indicated by experts are doing something wrong

As assured by Kamil Sadkowski, a senior threat analyst at ESET, the mere fact of having applications of this type does not mean that they can be easily used. Potentially, however, they can become a serious security threat, e.g. when the device is lost.

- Where do undocumented functions in applications come from? Sometimes they are intentionally left by the creators as "flavors" for the most inquisitive users. Much more often, however, these are the tools used by developers at the stage of application development and identifying errors in their operation, which have not been removed from the final version. The problem is that what a programmer can be a tool for a criminal can turn out to be a loophole that will bypass the user's security measures and gain access to his data - explains Kamil Sadkowski from ESET.

According to Sadkowski, the only thing users can do to minimize the risk in such a situation is to follow the basic principles of safe smartphone use.

The idea is to pay attention to what permissions it requests from us when installing the application. Let's also remember that in many cases, to use such a hidden backdoor, someone must have physical access to our smartphone. That is why it is worth guarding your device and secure it with a strong lock password or biometrics.

You can find the full report on Android app research here .



Backdoors have been detected in several thousand Android applications

No comments:

Post a Comment