Evil Droid |
Google's Android mobile operating system is again in the hot seat after German researchers found that a security flaw causes nearly 100 percent of Android phones to leak users' secret account credentials. Researchers at the University of Ulm explained that the problem lies in ClientLogin, a Google authentication protocol that verifies communication between Android phones and Google apps such as Google Calendar, Google Contacts and Picasa, as well as third-party Android apps such as Twitter and Facebook.
"This means that the adversary can view, modify or delete any contacts, calendar events or private pictures," the researchers wrote. With your username and password, a hacker could also gain unauthorized access to your online bank accounts and other sensitive information. According to the researchers, 99.7 percent of Android smartphones are vulnerable to this type of attack.
This new exploit casts yet another shadow on Android: between infected apps and a 400 percent increase in malware since last year, Google is having a hard time keeping its increasingly popular smartphone platform safe. In response to the growing incidents of security threats targeting mobile users, AT&T has announced plans to launch a consumer security service for mobile users next year. TechNews Daily
No comments:
Post a Comment