Fortune have an article from a few days ago reporting on a serious weakness within Android that allows malware to read the memory at the time of the user performing certain actions.
Graph showing the % chance of apps being able to ‘hacked’ by this approach
The hack works by the user running a malware app, disguised as the usual wallpaper app or celebrity orientated RPG. Once running the malware app is then able to read the current memory shared with other apps.
The gmail app was hackable in 92% of tests. That’s a staggering number. What’s also surprising is the range of other apps that are open to this kind of flaw, which is a flaw in Android rather than perhaps in the app itself. Newegg and Chase Bank were also easily hacked in this test.
The report does make it clear that it’s not just an Android issue and that, most likely, this would be the same for other mobile OSes as well.
You can be that if a team of researchers have been able to make this work then an organised criminal or state group either isn’t far behind or got there first.
You can watch videos of the hacks here.
Leave a Reply