Android vulnerable to cyber-attacks

Security expert says commonly used apps have easily exploitable vulnerabilities

Tags: Google AndroidGoogle AppsGoogle Incorporated
  • E-Mail
Android vulnerable to cyber-attacks Google's Android operating system is vulnerable to attacks through weaknesses in several commonly used apps, according to founder of boutique security firm Privateer Labs, Riley Hassell.
By  Georgina Enzer Published  August 15, 2011

Google's Android operating system is open to hacking through approximately a dozen widely-used applications, founder of boutique security firm Privateer Labs, Riley Hassell told Reuters.

Hassell was recently scheduled to speak at a hacker's conference, but pulled out at the last minute. He told Reuters that he and his colleague Shane Macaulay decided not to reveal their research at the event as they did not want cyber-criminals using their research to launch attacks on Android phones.

According to Hassell, Android developers often fail to follow security guidelines and do not always write applications properly.

"Some apps expose themselves to outside contact. If these apps are vulnerable, then an attacker can remotely compromise that app and potentially the phone using something as simple as a text message," he said.

Hassell refused to identify the apps that have vulnerabilities in case hackers used the information.

"When you release a threat and there's no patch ready, then there is mayhem," said Hassell.

He said that he and Macaulay have alerted Google to the software shortcomings they unearthed. But Google spokesman Jay Nancarrow said that Android security experts did not believe he had uncovered problems with Android after Hassell discussed the research with them.

"The identified bugs are not present in Android," he said.

Hassell and McCauley had been scheduled to talk at the hacking conference about "Hacking Androids for Profit", but Hassell has said he plans to give his talk at the Hack in The Box security conference in Kuala Lumpur in October.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code