Security

Apps Stealing from Other Apps Can Compromise Your Security

Most security features can pinpoint apps that steal sensitive user data. When two apps work together, however, it becomes much more difficult to detect the collection of private information. A study released by Virginia Tech uncovered upwards of 20,000 app pairings that can share information in a way that threatens user security. Always take extra measures, keep your apps protected from prying eyes by activating the applock feature now:

applock allows you to set an extra password by creating a numeric or finger pattern.

The Virginia-based security researchers discovered that the risk of privacy exposure for users significantly increased when apps shared information in pairs. Hackers can uncover highly sensitive information about users by combining the data from a navigation app with that of an itinerary, thanks to this flaw.

Read More: Do Yourself a Favor: Lock Your Smartphone

Privilege Escalation
Privilege escalation is a technique utilized by apps and developers to gain deeper access to data and secure information. Apps are able to do this by exploiting a gap within the system such as a bug or a design flaw. Once apps are able to escalate their privileges through this technique, they can perform unauthorized actions. A significant portion of the apps identified in the study relies on privilege escalation to leak and pair data. While such apps would normally never be granted access to sensitive information, the exploitation of bugs and design flaws allows them to expand their reach and potential actions.

Malicious or Not?
When looking at the app pairings uncovered by security researchers, it is hard to pinpoint which specific pairings are intentionally engineered for the purpose of stealing data. Often, only one of the paired apps is malicious. Other times, both of the apps are simply poorly designed. Regardless, the pairing of this data can prove useful to hackers who can access their app log files, regardless of whether or not the flaw was maliciously constructed.

Information at Risk
When relying on calendar, online shopping, and communication apps, beware of the data privileges assigned to such services. App pairings can result in the leaking of user contacts and geolocation, and can even allow access to the web. The apps most susceptible to such dangers are often free since developers are trying to entice users, but the app could also contain several design flaws.

Moving forward, Android mobile users should be aware of the security levels of their apps, both new and old. Users should also be cognizant of the permissions granted to each application, should always read the terms of service, and should never trust apps to have access to information beyond what is strictly necessary.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Why Updating Android Helps Protect Your Phone, Even When Nothing Looks Different

Have you ever put off an Android update because you figured nothing would really change…

57 years ago

Your Phone Knows Where You’ve Been. Here’s Why That Matters More Than Ever

Do you know how many places your phone can remember from just one ordinary week?…

57 years ago

Does Changing Your Password Every Week Make Your Account Safer? Myth or Fact

You’ve probably heard that changing your password every week is a smart way to keep…

57 years ago

What Happens When You Tap “Allow” on an Android App?

You install a new app, open it for the first time, and the screen pops…

57 years ago

5-Minute Monthly Phone Check: What to Review on Android

You unlock your phone to answer a quick text and, without even noticing it, pass…

57 years ago

What Happens to Your Data After You Close an App?

You open an app to order food, check your bank balance, chat with friends, or…

57 years ago