- Smartphone apps could be secretly talking to each other and leaking private information
A recent study into Android apps and their trustworthiness resulted in the discovery of some shocking results.
If you’re one of the countless millennials of the modern world who use apps on their smartphones to organise their day on a constant basis, be it to make online transactions, keep track of appointments, or even just to have a conversation, you might be in for some bad news. A recent study conducted by experts from Virginia Tech University has discovered that these apps might all be communicating with each other, sharing private, confidential information, and more, thereby resulting in a dangerous security breach.
For the first time ever, a large-scale and systematic study of this kind was conducted to discover how trustworthy apps on Android phones are, and the results were shocking. As many as 110,150 apps were tested over a period of three years, including a whopping 100,206 most popular apps from Google’s Play Store and 9,994 malware apps from a private collection of malware app samples known as Virus Share. The results of the study were declared at theAssociation for Computing Machinery Asia Computer and Communications Security Conference in Dubai.
The biggest risks were found to be from basic utilitarian apps which let you customize things like ringtones, widgets, and emojis. Sensitive information such as your bank details and your passwords could potentially be accessed by cyber-criminals to steal your money, your identity, or even remotely control your phone and use it for whatever purpose they wish. Additionally, these apps could also leak the information gathered using your phone’s location tracker to other companies, which could then flood you with advertisements based on the places you’ve been to and the things you have searched for online.
Gang Wang, assistant professor at Virginia Polytechnic Institute and State University, US, said that while researchers were already aware of apps being able to communicate with each other and exchange data, the study shows for the first time that whether it is intentional or not, the behaviour of these apps can create a huge security breach, based on the kinds of apps you use. The threat posed by these apps can be either of two types, firstly, a malware app that is built specifically to launch a cyber-attack, or apps which simply allow data to be shared and leaked.
When it comes to the latter type, there is no possible way of gauging the intention or purpose of the developer, and while still a security breach, it might be completely unintentional, but there is no way to say for sure. The study documented thousands of pairs of apps which could leak confidential and sensitive information and even allow other, unauthorized apps to gain access to the data, and even your phone. Daphne Yao, associate professor at Virginia Tech stated that the study was intended to be a reminder and a wake-up call for software development industries to severely reconsider and update their software development procedures, as well as integrate better safeguards and firewalls into them.