Security weakness uncovered in Android, Windows & iOS by researchers

A team of engineers have identified a serious security weakness in phones across iOS, Android and Windows

US engineers have discovered a way to hack various apps across iOS, Android and Windows devices, successfully infiltrating offerings such as Gmail up to 92 per cent of the time, reports IBN Live.

This is due to a weakness that affects all three major operating systems, with researchers testing seven popular apps to see how easily they could hack into them to obtain sensitive or personal information belonging to the user.

To do this, the researchers got users to download a generic-looking app to their phone, with the app then proceeding to tap into a new public side channel. This has the shared memory that allows data to be shared across process and apps, and can be accessed with privileges.

Zhiyun Qian, assistant professor at University of California's Riverside Bourns College of Engineering, told IBN Live: "The assumption has always been that apps cannot interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user."

Apps tested by the researchers include Gmail, CHASE Bank and H&R Block. Amazon was reportedly the most secure app the engineers tested using this method, with only a 48 per cent success rate compared to 92 per cent for others.

"This method will work on other operating systems because they share a key feature researchers exploited in the Android system," Qian added.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

What is cloud-to-cloud backup?
cloud backup

What is cloud-to-cloud backup?

1 Mar 2021
Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021

Most Popular

How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021