Categories: Security

Apps Stealing from Other Apps Can Compromise Your Security

Most security features can pinpoint apps that steal sensitive user data. When two apps work together, however, it becomes much more difficult to detect the collection of private information. A study released by Virginia Tech uncovered upwards of 20,000 app pairings that can share information in a way that threatens user security. Always take extra measures, keep your apps protected from prying eyes by activating the applock feature now:

applock allows you to set an extra password by creating a numeric or finger pattern.

The Virginia-based security researchers discovered that the risk of privacy exposure for users significantly increased when apps shared information in pairs. Hackers can uncover highly sensitive information about users by combining the data from a navigation app with that of an itinerary, thanks to this flaw.

Read More: Do Yourself a Favor: Lock Your Smartphone

Privilege Escalation
Privilege escalation is a technique utilized by apps and developers to gain deeper access to data and secure information. Apps are able to do this by exploiting a gap within the system such as a bug or a design flaw. Once apps are able to escalate their privileges through this technique, they can perform unauthorized actions. A significant portion of the apps identified in the study relies on privilege escalation to leak and pair data. While such apps would normally never be granted access to sensitive information, the exploitation of bugs and design flaws allows them to expand their reach and potential actions.

Malicious or Not?
When looking at the app pairings uncovered by security researchers, it is hard to pinpoint which specific pairings are intentionally engineered for the purpose of stealing data. Often, only one of the paired apps is malicious. Other times, both of the apps are simply poorly designed. Regardless, the pairing of this data can prove useful to hackers who can access their app log files, regardless of whether or not the flaw was maliciously constructed.

Information at Risk
When relying on calendar, online shopping, and communication apps, beware of the data privileges assigned to such services. App pairings can result in the leaking of user contacts and geolocation, and can even allow access to the web. The apps most susceptible to such dangers are often free since developers are trying to entice users, but the app could also contain several design flaws.

Moving forward, Android mobile users should be aware of the security levels of their apps, both new and old. Users should also be cognizant of the permissions granted to each application, should always read the terms of service, and should never trust apps to have access to information beyond what is strictly necessary.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Vulnerabilities in Cyber Security: what they are and how to fix them?

Learn all about one of the hackers' favorite breach method and keep your company safe…

1 year ago

3 ways to recover deleted photos on Android

Have you ever wondered how to recover deleted photos on Android? After all, the lack…

1 year ago

What is worm?

Digital worms are among the most serious threats in the wild kingdom of the Internet.

2 years ago

Spoofing: What’s it all about?

Spoofing is a fairly sophisticated virtual scam that can fool even the most cautious and…

2 years ago

Careful With That QR Code! Five Steps For QR Code Safety

Five Steps to Reduce QR Code Risk! Step one? Read this article…

2 years ago

Pharming: Phishing’s Nasty Big Brother

Pharming is creating a new, dangerous brand of impostor syndrome. Check how to avoid pharming…

2 years ago