Research shows vulnerability of downloaded apps

By Balamurugan Selvaraj Published on May 02, 2017 03:29 PM IST

Are you an app addict or a beta tester? From now on, be more careful when downloading apps from the Google Play Store.

Researchers from the University of Michigan discovered that hundreds of applications in the Google Play Store have a security hole that allows attackers to steal users' data.

Worse, through this backdoor attackers can even implant malware on smartphones and use the device for fraudulent activities. According to the research team, the issue stems from insecure coding by some developers when creating their apps.

It gives attackers an opening to steal data through open ports, such as an FTP service on a smartphone or a USB port on a PC. To be clear, the problem is not with the smartphone's operating system or the handset itself; it lies with the open ports created through insecure coding.

To identify the problem within the apps, the research team designed a static analysis tool that identifies and characterises vulnerable open-port usage in Android applications. The team scanned around 100,000 Android applications and found 410 potentially vulnerable applications in the Play Store.

Among those 410 insecure applications, many have been downloaded by nearly 50 million users across the globe through the Play Store, and some come pre-installed on new smartphones.

These backdoors are created through network ports, which are invisible to the user and allow an application to communicate with other services (a web server, for example, normally listens on port 80). Each vulnerable application opens a port, numbered anywhere from 1 to 65,535, as a virtual door for exchanging data with other devices. Applications use the network and the Internet for legitimate reasons, but a port left open and unprotected is reachable by anyone who can connect to it.

At the same time, those applications and their open ports may have weak links that allow attackers to compromise and control the device without the user's knowledge. The research paper found, for example, that the problem arises when files are transferred over Wi-Fi from one device to another.

This insecure path may let attackers on the same local network break into the device. As an initial test, the research team port-scanned its campus network and, within 2 minutes, found a number of users of vulnerable apps on that network.

A researcher said, "They manually confirmed the vulnerabilities for 57 applications, including popular mobile apps with 10 to 50 million downloads from official app marketplaces, and also an app that is pre-installed on a series of devices. The vulnerabilities in these applications are generally inherited from various usage of the open port, which exposes the unprotected sensitive functionalities of the apps to anyone from anywhere that can reach the open port."

It is now clear that an open port in an application is more dangerous than we might think. The flaws found in these applications included improper authentication, remote code execution and buffer overflow vulnerabilities. The paper also notes that an affordable cloud scanning service is enough to sweep the entire Internet and list the vulnerable devices exposed on it.

The team added that these vulnerabilities can be exploited to cause severe harm to users, such as remotely stealing contacts, photos and even security credentials, and performing sensitive actions such as installing malware and executing malicious code.

The only viable solution is to uninstall the insecure apps that open these unprotected ports. A properly configured firewall also helps to limit exposure.
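Before uninstalling anything, a user or administrator first needs to know which installed app is listening on which port, and whether that port is reachable from the network or only from the device itself. The following added example (not code from the article or from the research team's tool) does that audit offline from two pieces of text an Android device can produce: the kernel's /proc/net/tcp table (obtainable with `adb shell cat /proc/net/tcp`) and the package-to-UID listing from `adb shell pm list packages -U`. It assumes, as AOSP does, that installed apps are assigned UIDs from 10000 upwards; the sample inputs below are constructed, not captured from a real device.

```python
import re
from typing import Dict, List, NamedTuple

# Assumption: installed apps get UIDs from 10000 (AOSP's AID_APP); lower UIDs are system daemons.
AID_APP_START = 10000
# TCP state code the kernel prints for a LISTEN socket in /proc/net/tcp.
LISTEN_STATE = "0A"

# Constructed sample of /proc/net/tcp. Local/remote addresses are little-endian
# hex IPv4 followed by a hex port; column 8 is the owning UID.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10087        0 23145 1 0000000000000000 100 0 0 10 0
   1: 0100007F:2A2B 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10112        0 23390 1 0000000000000000 100 0 0 10 0
   2: 0A00020F:B3E2 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000 10087        0 24011 1 0000000000000000 20 4 30 10 -1
   3: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0  1234 1 0000000000000000 100 0 0 10 0
"""

# Constructed sample of `pm list packages -U` output (package names are hypothetical).
SAMPLE_PM_LIST = """\
package:com.example.filetransfer uid:10087
package:com.example.notes uid:10112
package:com.example.camera uid:10120
"""

class ListeningSocket(NamedTuple):
    address: str
    port: int
    uid: int

class Finding(NamedTuple):
    package: str
    port: int
    bind_address: str
    exposure: str

def _decode_ipv4(hex_addr: str) -> str:
    """Decode the kernel's little-endian hex IPv4 form (0100007F -> 127.0.0.1)."""
    octets = [int(hex_addr[i:i + 2], 16) for i in range(0, 8, 2)]
    return ".".join(str(o) for o in reversed(octets))

def parse_listening_sockets(proc_net_tcp: str) -> List[ListeningSocket]:
    """Return every socket in LISTEN state with its bind address, port and owning UID."""
    sockets = []
    for line in proc_net_tcp.splitlines():
        fields = line.split()
        # Data rows start with "<n>:"; the header row does not.
        if len(fields) < 8 or not fields[0].endswith(":") or fields[3] != LISTEN_STATE:
            continue
        addr_hex, port_hex = fields[1].split(":")
        sockets.append(ListeningSocket(_decode_ipv4(addr_hex), int(port_hex, 16), int(fields[7])))
    return sockets

_PM_LINE = re.compile(r"^package:(\S+)\s+uid:(\d+)$")

def parse_package_uids(pm_output: str) -> Dict[int, List[str]]:
    """Map each UID to the package(s) that run under it (shared UIDs map to several)."""
    uids: Dict[int, List[str]] = {}
    for line in pm_output.splitlines():
        m = _PM_LINE.match(line.strip())
        if m:
            uids.setdefault(int(m.group(2)), []).append(m.group(1))
    return uids

def audit_open_ports(proc_net_tcp: str, pm_output: str) -> List[Finding]:
    """List app-owned listening ports, network-reachable ones first."""
    packages = parse_package_uids(pm_output)
    findings = []
    for sock in parse_listening_sockets(proc_net_tcp):
        if sock.uid < AID_APP_START:
            continue  # system daemon, not an installed app
        name = ",".join(packages.get(sock.uid, ["<unknown uid %d>" % sock.uid]))
        if sock.address.startswith("127."):
            exposure = "loopback only: reachable by other apps on this device"
        else:
            exposure = "all interfaces: reachable by any host on the same network"
        findings.append(Finding(name, sock.port, sock.address, exposure))
    return sorted(findings, key=lambda f: (f.exposure, f.port))

if __name__ == "__main__":
    for f in audit_open_ports(SAMPLE_PROC_NET_TCP, SAMPLE_PM_LIST):
        print("%-28s port %-5d bound to %-9s %s" % (f.package, f.port, f.bind_address, f.exposure))
```

In the constructed sample, the file-transfer app is listening on port 8080 on all interfaces, which is exactly the situation the article describes: anyone on the same Wi-Fi network can connect to it. The notes app only listens on loopback, which limits the reach to other apps on the same device. Rows in other TCP states and sockets owned by system UIDs are ignored, so the report only covers installed apps.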