Security weakness uncovered in Android, Windows & iOS by researchers

A team of engineers have identified a serious security weakness in phones across iOS, Android and Windows

US engineers have discovered a way to hack various apps across iOS, Android and Windows devices, successfully infiltrating offerings such as Gmail up to 92 per cent of the time, reports IBN Live.

This is due to a weakness that affects all three major operating systems, with researchers testing seven popular apps to see how easily they could hack into them to obtain sensitive or personal information belonging to the user.

To do this, the researchers got users to download a generic-looking app to their phone, with the app then proceeding to tap into a new public side channel. This has the shared memory that allows data to be shared across process and apps, and can be accessed with privileges.

Zhiyun Qian, assistant professor at University of California's Riverside Bourns College of Engineering, told IBN Live: "The assumption has always been that apps cannot interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user."

Apps tested by the researchers include Gmail, CHASE Bank and H&R Block. Amazon was reportedly the most secure app the engineers tested using this method, with only a 48 per cent success rate compared to 92 per cent for others.

"This method will work on other operating systems because they share a key feature researchers exploited in the Android system," Qian added.

Featured Resources

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

Free download

IDC agility assessment

The competitive advantage in adaptability

Free Download

Digital transformation insights from CIOs for CIOs

Transformation pilotes, co-pilots, and engineers

Free download

What ITDMs did next - and what they should be doing now

Enable continued collaboration and communication for hybrid workers

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
Microsoft seizes domains used by Chinese hacking group
cyber attacks

Microsoft seizes domains used by Chinese hacking group

7 Dec 2021
Australia film archive gets $41.9 million to digitise audiovisual heritage
digitisation

Australia film archive gets $41.9 million to digitise audiovisual heritage

6 Dec 2021