Two German research groups, one from the University of Leibniz, the other from Philipps University, have discovered a major security flaw that affects over 13,500 Android apps.
The researchers were able to intercept personal data transmitted from popular Android apps using a fake wi-fi hotspot. The "Man In the Middle" (MITM) attacks were able to grab social media logins from sites like Facebook, Twitter, and Google. Bank and credit card information was also stolen, as the study group was able to grab American Express, PayPal and Citibank credentials during its research.
Out of the thousands of apps that were tested, 8% of the apps were discovered to be vulnerable to attack. Not a horrible ratio. The only problem is the apps in that 8% have been downloaded millions of times from the Google Play store according to Google statistics. Unfortunately, the paper published from the researchers did not provide a list of faulty apps.
At the moment, Google has commented on the discoveries of the research. Check out the full paper published by the German research groups here.
[via BBC]
