Thursday, March 23, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
ZTE Pleads Guilty For Selling U.S. Technology to Iran
Major Advertisers Boycott Youtube Advertising, At Least For Now
Samsung and eSilicon Taped Out First 14nm Network Processor
Now You Can Go Live On Facebook From Your Computer
Qualcomm Snapdragon 835 Benchmarks
Google Maps Lets Others Track You
Google Plans Faster Updates To Keep Android Phones Safe
Apple's iPhone 6s Topped List of Best-Selling Smartphones for 2016
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > Mobiles > Fraunho...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, June 10, 2016
Fraunhofer SIT Finds Vulnerabilities in Android Security Apps


The Fraunhofer Institute for Secure Information Technology has discovered severe security vulnerabilities in security apps for Android, including Avira, Kaspersky, McAfee, Eset, and Clean Master Security.

These vulnerabilities can be exploited to turn such apps into attack tools, taking control of smartphones and then extorting their owners financially.

"According to our estimates, up to 675 million devices worldwide could be affected," says Michael Waidner, director of Fraunhofer SIT.

Ransomware, keyloggers, or spyware – the number of attacks on smartphones is increasing. This was determined in the Federal Office for Information Security’s most recent report on the state of IT security in Germany. Many smartphone users protect themselves with the help of security apps that detect viruses and malware. These apps are able to mitigate threats and warn the user of unsafe websites and phishing attacks. However, latest tests conducted at Fraunhofer SIT showed that security apps can not only mitigate security issues, but also cause new ones. The Institute’s experts for software security examined security apps from selected providers, among them the at that time current versions of well-known providers including Avira, Kaspersky, McAfee, Eset, and Clean Master Security, in all of which the experts found security vulnerabilities.

According to experts at Fraunhofer SIT, by exploiting these vulnerabilities, attackers can disable the security apps' protective functions without users noticing. Personal data like address books or calendars can also be stolen. In the worst case scenario, these security apps can be turned into ransomware that aids criminals in locking phones to extort money from smartphone owners.

"We informed the manufacturers immediately. The vast majority reacted promptly and closed the security vulnerabilities," explains Waidner. "The security problems have been resolved on smartphones that download automatic updates from the app-stores. If users have not enabled the automatic update function, they should update their apps to protect themselves from possible attacks."

The researchers at Fraunhofer SIT have found various types of security problems. The essential cause of many of the vulnerabilities detected lies in the apps downloading update information every hour. This information includes patterns for the recognition of viruses, which comes from the manufacturer’s servers. The apps do not sufficiently check whether the update has potentially been manipulated. "If the channel used to download the update has been compromised, code can be infiltrated by means of the man-in-the-middle principle," Waidner explains. "A simple way to do this involves an attack via a public wireless network. If a hacker manipulates traffic using this technique, then everyone using the security app in the same public access point can fall victim to such an attack."



Previous
Next
New Roxio Secure Burn Enterprise Protects Information on Portable Media        All News        Samsung Gear Fit2 GPS Sports Band Launches Globally
Xiaomi Mi Band 2 Tracker Goes On Sale In China     Mobiles News      Samsung Gear Fit2 GPS Sports Band Launches Globally

Get RSS feed Easy Print E-Mail this Message

Related News
Preinstalled Malware May Be Targeting Your Android Phone
Researchers Say 1 Million Google Accounts Breached by "Gooligan"
Android Devices Vulnerable To Physical RAM Attack
Millions Of Android Devices Infected With Chinese Malware
'GODLESS' Android Mobile Malware Uses Multiple Exploits to Root Devices
Android Ransomware Can Change Your Mobile's PIN Code

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .