Wednesday, January 27, 2021
Home Lead Story Majority of Smartphone Apps Contain "Backdoor Secrets" Which Allow Hackers To Access...

Majority of Smartphone Apps Contain “Backdoor Secrets” Which Allow Hackers To Access Private Data

According to the study, developers often wrongly assume reverse engineering of their apps is not a legitimate threat

Cybersecurity researchers have discovered that a large number of mobile phone applications contain hardcoded ‘backdoor secrets’ allowing hackers to access private data or block content provided by users.

“The study’s findings: that the apps on mobile phones might have hidden or harmful behaviours about which end users know little to nothing,” said study author Zhiqiang Lin from the Ohio State University in the US.

“Typically, mobile apps engage with users by processing and responding to user input. For instance, users often need to type certain words or sentences or click buttons and slide screens. Those inputs prompt an app to perform different actions,” Lin added.

Please Follow NewsGram on Twitter To Get Latest Updates From Around The World!

For this study, the team evaluated 150,000 apps. They selected the top 100,000 based on the number of downloads from the Google Play store, the top 20,000 from an alternative market, and 30,000 from pre-installed apps on Android smartphones.

They found that 12,706 of those apps, about 8.5 per cent, contained something the research team labelled “backdoor secrets” – hidden behaviours within the app that accept certain types of content to trigger behaviours unknown to regular users. They also found that some apps have built-in “master passwords,” which allow anyone with that password to access the app and any private data contained within it.

And some apps, they found, had secret access keys that could trigger hidden options, including bypassing payment. “Both users and developers are all at risk if a bad guy has obtained these ‘backdoor secrets,’. In fact, motivated attackers could reverse engineer the mobile apps to discover them,” Lin said.

Hackers
Cybersecurity researchers have discovered that a large number of mobile phone applications contain hardcoded ‘backdoor secrets’ allowing hackers to access private data or block content provided by users. Pixabay

According to the study, developers often wrongly assume reverse engineering of their apps is not a legitimate threat. “A key reason why mobile apps contain these ‘backdoor secrets’ is because developers misplaced the trust,” said study lead author Qingchuan Zhao.

To truly secure their apps developers need to perform security-relevant user-input validations and push their secrets on the backend servers. In addition, the research team have developed an open-source tool, named InputScope, to help developers understand weaknesses in their apps and to demonstrate that the reverse engineering process can be fully automated.

ALSO READ: Price Of Smartphones increase in India Due To GST Hike

The study was accepted for publication by the 2020 IEEE Symposium on Security and Privacy in May. The conference has been moved online because of the global coronavirus (COVID-19) outbreak. (IANS)

STAY CONNECTED

19,120FansLike
362FollowersFollow
1,773FollowersFollow

Most Popular

High Omega-3 Levels Reduce The Death Risk In Covid

People with higher omega-3 levels in their blood may have a reduced risk of death from Covid-19 infection, a new study suggests. The findings, published...

People Hesitant To Visit The Emergency In USA For Children

Nearly one in four families in the USA had said that they would be unlikely to bring their child to the emergency ward if...

UNEP Says There Is An Increase In Climate Litigations

Climate litigation cases have spiked in recent years, making the courtroom increasingly relevant to efforts to address climate change around the world, an UN...

Study Links Light Pollution And Preterm Birth

Light pollution, based on a direct measure of skyglow, could increase the likelihood of preterm birth, a new study suggests. The study, published in the...

A Farmer Protest Timeline: How Things Turned Violent In Delhi On R-Day

Farmers, who were seen as friendly and peaceful for more than 60 days as they waited for the government to accept their terms, suddenly...

Happy Childhood May Lower Drug Risk Among Teens

If your teenage child has memories of a happy childhood, they are less likely to indulge in drinking or substance abuse and enjoy learning,...

Priyanka Chopra: Its Enlightening To Understand The Importance Of Women In Leadership

Actress Priyanka Chopra Jonas is celebrating the women who helped in drafting the Indian Constitution and says it has been enlightening to understand the...

72nd Republic Day: Time For A Patriotic Musical Rewind

As India celebrates 72nd Republic Day on Tuesday, it is time for a musical rewind of Republic Day songs. There are countless classics that spring...

Recent Comments