Thousands of Android Apps May Leak Personal Data

Research has indicated that several thousand Android apps trick users into divulging personal data.

Scientists carried out an investigation where they tested a total of 13,500 Android apps and found that almost 8 percent failed to protect both social media logins and bank account logins.

Researchers from the security group at the University of Leibniz, as well as the computer science department at the Philipps University of Marburg conducted the research by testing the most popular apps found in Google's Play store. Some of the apps in question had been downloaded millions of times, the researchers said.

Through the creation of a fake Wi-Fi hotspot, as well as utilizing a specific attack tool that spies on the data the apps sent, the researchers could:

  • Capture login details for online bank accounts, email services, social media sites and corporate networks
  • Disable security programs or fool them into labeling secure apps as infected
  • Inject computer code into the data stream that made apps carry out specific commands
In addition, an attacker could re-direct a request to transfer funds. They could also it look like the app was proceeding the transaction without any change.

"About half of the participants could not judge the security state of a browser session correctly," the researchers said. "Most importantly, research is needed to study which counter-measures offer the right combination of usability for developers and users, security benefits and economic incentives to be deployed on a large scale."

There have been several security issues relating to Google's open Android mobile platform through suspicious apps. For example, an Android security flaw had the ability to erase all data.

While it has yet to respond to the researchers' findings, Google is said to be working on integrating a built-in Android malware scanner.

Contact Us for News Tips, Corrections and Feedback         
Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
  • robochump
    Glad I have iOS and Apple is strict on Apps for a reason (too many evil doers!!! heh). OK iHaters thumbs me down....woot!!!
  • robochump
    otacon72Slam iOS all you want but I'd rather be running that then have to deal with all the malware and security holes Android has. You can blame it in the app developers all you want but Android is an inherently unsecure OS. Let the Android fanboy thumb downs begin!

    Dont take it too serious, its all in nerdy fan boyism fun for either camp though Tom's is more Anti-Apple than most sites....heh.
  • otacon72
    robochumpDont take it too serious, its all in nerdy fan boyism fun for either camp though Tom's is more Anti-Apple than most sites....heh.

    I'll never buy an Apple computer but I own the iPhone5. Was with RIM for years but wanted something different. Tried Android but I shouldn't have to hack my phone to uninstall bloatware. Tried the iPhone5 and I was sold. I have very large hands and I found the S3 too big. If I want something larger than the iP5 I'll get a tablet.