Beware of Unsecured Android Apps from Google Play Store
Published on October 23rd, 2012
Android users regularly visits the Google Play Store, and regularly download different kinds of apps almost every day. However, not just because you have downloaded the app from the official Google Play Store, means you are already safe, and the app that you are using is safe. That’s not totally true! Researchers from the Philipps University of Marburg and University of Leibniz has discovered that almost 8% of the apps they tested are unsecured Android apps that fails to protect the personal information of the user.
According to researchers, these unsecured Android apps, do not have the sufficient compliance or mechanism to protect the personal information of a user while sending and receiving data from the phone to the server and vice versa.
The researchers have conducted the study on some of the most popular apps found in Google Play Store. In order for the researchers to derived with such conclusions, they setup a fake WiFi hotspot and used spying tools to get the data that the Android app sends and received while connected to the hotspot.
Researchers found out that many of the apps was not able to provide enough security, thus a 3rd party user (in this case the researchers) was able to get some important data, while unsuspecting user does his browsing. They also discovered that a 3rd party can actually inject specific set of codes (like a SQL Injection) that could execute unwanted commands to your phone.
But that’s not the worst, a 3rd party user (the hacker) can actually divert or transfer the funds that you are trying to send to someone, and perhaps transfer it to their account. That’s cyber stealing. The said attacks from a hacker can be done without the user realizing that he’s being rob already. Most people don’t realize that someone has already tapped to their phones and has been secretly stealing important data or money from them.
I guess Google has to strengthen the security features of their operating system, as well as impose a strict compliance or standards to the Android apps submitted online. So be very careful when doing important transaction using your Android phone. Always stay safe and don’t connect to an unfamiliar or unsecured WiFi network.
Some users use VPN to protect them from unwanted spying on their phone. But that’s not a 100% guarantee that you will be safe, since the apps themselves already has holes on it.