Security weakness uncovered in Android, Windows & iOS by researchers

A team of engineers have identified a serious security weakness in phones across iOS, Android and Windows

US engineers have discovered a way to hack various apps across iOS, Android and Windows devices, successfully infiltrating offerings such as Gmail up to 92 per cent of the time, reports IBN Live.

This is due to a weakness that affects all three major operating systems, with researchers testing seven popular apps to see how easily they could hack into them to obtain sensitive or personal information belonging to the user.

To do this, the researchers got users to download a generic-looking app to their phone, with the app then proceeding to tap into a new public side channel. This has the shared memory that allows data to be shared across process and apps, and can be accessed with privileges.

Zhiyun Qian, assistant professor at University of California's Riverside Bourns College of Engineering, told IBN Live: "The assumption has always been that apps cannot interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user."

Apps tested by the researchers include Gmail, CHASE Bank and H&R Block. Amazon was reportedly the most secure app the engineers tested using this method, with only a 48 per cent success rate compared to 92 per cent for others.

"This method will work on other operating systems because they share a key feature researchers exploited in the Android system," Qian added.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020