In today’s episode of “Android security bad,” researchers at the University of Michigan have uncovered over 400 apps currently hosted in Google Play – some with tens of millions of installs – that are susceptible to open-port malware attacks and data theft. As always, millions of users are at risk, but we don’t know how many, if any, have actually been affected.
The researchers built a custom tool to analyze tens of thousands of apps in Google’s Android market, identifying 410 that create unprotected open ports on the smartphones they are installed on. These open ports can then be targeted by hackers to steal user data or remotely install malware. The research team identified multiple attack vectors on a sample of those apps, but the full list of affected apps was not named (although they have been reported).
The team identified just shy of a thousand total exploits across the affected apps, manually confirming the vulnerability on 57 of them, “including popular ones with 10 to 50 million downloads on the official market, and also an app that is pre-installed on some device models” (AirDroid).
As is usually the case with these stories, we are not told how to minimize the risk, with the task of protecting our data seemingly left up to the goodwill of developers. While the exploits detailed in the research paper could be quite damaging under certain circumstances, we’ll just have to hope they are addressed and patched before any bad actors attempt to take advantage of them.
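One check a device owner or tester can run in the meantime, shown here as an added example that is not from the researchers or the original article: it takes socket-table text in the Linux `/proc/net/tcp` format and flags TCP listeners bound to a non-loopback address, which are the ports other hosts on the network can reach. The sample table is constructed and the function names are illustrative.

```python
import ipaddress
import socket
import struct

# Constructed sample in Linux /proc/net/tcp format (not data from the study).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:22B8 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10153        0 41211
   1: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10097        0 40876
   2: 6401A8C0:A2F4 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000 10153        0 42990
   3: 00000000:15B3 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 39002
"""

TCP_LISTEN = 0x0A          # kernel state code for a listening socket
USER_OFFSET = 100000       # Android: uid = user_id * 100000 + app_id
FIRST_APP_ID = 10000       # Android: installed apps get app_ids from 10000 upward


def decode_addr(field):
    """Turn '0100007F:13AD' into ('127.0.0.1', 5037)."""
    hex_ip, hex_port = field.split(":")
    # The IPv4 address is printed as a native-endian 32-bit word;
    # this assumes a little-endian device (ARM and x86 Android builds).
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def exposed_listeners(proc_net_tcp):
    """Return LISTEN sockets that are not bound to loopback."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 10 or int(cols[3], 16) != TCP_LISTEN:
            continue                                # malformed or not listening
        ip, port = decode_addr(cols[1])
        if ipaddress.ip_address(ip).is_loopback:
            continue                                # not reachable from other hosts
        uid = int(cols[7])
        findings.append({
            "ip": ip,
            "port": port,
            "uid": uid,
            # True when the socket belongs to an installed app, not a system UID
            "app_owned": uid % USER_OFFSET >= FIRST_APP_ID,
        })
    return findings


if __name__ == "__main__":
    for f in exposed_listeners(SAMPLE):
        owner = "app" if f["app_owned"] else "system"
        print(f"{f['ip']}:{f['port']} uid={f['uid']} ({owner})")
```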