Have you ever wondered why antivirus detects malware apps along with apps? It is a notion that a Malware is not a virus and hence it is not harmful. However nothing is far away from truth than this notion. A recent study has revealed that the presence of malware on your device can open up vulnerabilities in other apps like Gmail.
A crack research team from University of Michigan and California-Riverside researchers found that a single chink in the armor, a single malware app is all that is required to go through the security of the remaining apps just like a knife through butter. The team used a malware ridden app to hack into the popular apps on the Android devices and in the process found the almighty Gmail the easiest to hack. The team had tried out seven different apps and found the Gmail easiest to hack with 92% success rate. The others fared in varying degrees with Amazon being the lowest at 48%.
The most disturbing part of the study was that Gmail is the default email app of Google and it is stark naked and unprotected against malware and hackers. It could be one of the reasons for Google going for the integration of Samsung’s KNOX business security into its upcoming Android updates. It will be better for Google not to stop here and extend the Knox security to ordinary customers as well.
The researchers said that they are pretty certain the same hacks could be replicated on iOS and Windows Phone though they do not have any such plans in the offing.
The modus operandi of the hack is very simple. It involves accessing the app when the user attempts to enter into the app to check email (Gmail) or deposit a check (Chase).
The University of California-Riverside researcher Zhiyun Quian said, “By design, Android allows apps to be preempted or hijacked. But the thing is you have to do it at the right time, so the user doesn’t notice. We do that, and that’s what makes our attack unique,”
The study will hopefully expose the need for enhanced security for Android platform. Google needs to put in place more internet security protection safeguards in the future.