Android Hack Clarification and Update

With the recent media exposure of widespread hacking in Android devices. A security group has decided to force manufactures who use Googles software to administer a patch for the security by publishing a software kit that will allow an individual to hack information from Android operated devices. The hole, if left untended, can allow hackers to access a users device and snoop email and text messaging data.

According to Nicholas Percoco, who is the head honcho for Spider Labs, the root-kit for the platform wasnt that difficult to build. Working in collaboration with a colleague, it took him about a week to develop the hack package. The tool allows an individual with malicious intent to read to obtain a targets email and SMS/MMS data at will. It was distributed on DVD at the Defcon conference. At the event, there was an attendance of about 10,000 security experts who can attend the event anonymously. The event is also a catalyst for governmental law enforcement to recruit talent in order to aid them against computerized attacks. They also attend in hopes to apprehend digitally malicious offenders who attend the event anonymously.

It is typical for consumers and experts alike to theory that hacks occur on platforms that have the largest user-base, which has been the theorized case for the Windows operating system. However, the case of the Android hacking spike contradicts the belief of how hackers make their selection. Apples iOS user-base is a little more than four times the size of Googles Android and is a little bigger than Microsofts Windows Mobile platform.

Since the recent exposure of the latest hack on the platform that was reported by Venture Beat, there has been one blog to step out and defend the Android platform saying that the news being reported by VB was stretching the matter out of proportion by invoking fear, uncertainty and doubt with the mentioning of the recent breach of security of Android being malicious.

Since then, the team at Lookout has clarified their statement by stating the application in question has not yet been officially determined to be malicious per se, but the application does ask for a number of sensitive information and then transfers that data outside US territory to a sever in China. AppleInsider has gotten more information on the matter from Lookout themselves.

AppleInsider reports that…

Lookout has clarified in followup comments with AppleInsider that the intent of their “App Genome Project” research was to “identify security threats in the wild and provide insight into how applications are accessing personal data and other phone resources.”

The group noted that the Android wallpaper app was “not proven to be malicious,” but that the app does “ask the user for specific information around the phone details and that information is transferred to a server [in China].”

Correcting the original VentureBeat story, Lookout stated that “the apps from these developers send several pieces of sensitive data to a server, including a devices phone number, subscriber identifier, and currently programmed voicemail number. The applications we analyzed did not access a devices SMS messages, browsing history, or voicemail password (unless a user manually programmed the voicemail number on the device to include the voicemail password).”

Lookout also reiterated there is “no proof of malicious intent and in the past apps have been a bit overzealous in getting access to sensitive data with no ill intent.” Lookout compared the Android wallpaper app copying local data to a Chinese server with a recent App Store title that purported to be a flashlight app while actually including a hidden SOCKS proxy that could be used for tethering.

Lookout added that it hasn’t “yet” published a report detailing the Android wallpaper app, suggesting that it is continuing to look at the situation.)

share permalink ping 7 Comments