Android apps 'open to snoopers'

By on
Android apps 'open to snoopers'

One in five applications available for Android handsets could expose user data to third-party hackers, according to a new report from security vendor SMobile Systems.

The company said that the openness of the Android Market benefits developers but may present enterprise users with problems if they download a vulnerable application.

"Android Market offers flexibility that markets such as the Apple App Store do not by allowing anyone to develop and publish an application to the Market's consumers," said the Threat Analysis of the Android Market report (PDF).

Google's application store relies on self-policing to guard against vulnerable apps, which SMobile believes can leave a window of opportunity for attackers to exploit as developers struggle to fix problems.

"This presents the opportunity to easily defraud innocent consumers for financial gain. Financial gain drives the paradigm of information security, and attackers now see consumer and enterprise smartphones as targets," the company said.

"Since today's smartphone devices are the equivalent of mobile computers, it is logical that attackers have expanded their focus from PC-based malware to smartphone malware, and an open application repository lends itself to these types of attacks."

In January this year, Google was forced to remove a rogue application disguised as an authentic banking app from its Android Market app store after it turned out to be a phishing scam.

SMobile also warned that many Android Market applications contain information that is susceptible to exploitation.

"One in every five applications request permissions to access private or sensitive information that an attacker could use for malicious purposes," the report said.

"One out of every 20 applications has the ability to place a call to any number without interaction or authority from the user."

Twenty nine of the applications, a small percentage of the 48,694 available, are detected and categorised as spyware by SMobile, while eight include a feature that could allow a remote user to damage the device.

Three per cent of the apps looked at by the SMobile survey could even send high-priced text messages without user authorisation.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
android application applications market report security

Partner Content

Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report

Log in

Email:
Password:
  |  Forgot your password?