Android: The One That Gets All the Attention - Developers, Hackers and YOU

Everybody loves Android

Android is considered one of the best operating systems used in smart phones. This operating system is backed by Google, the number one search engine. The Google Play has become an obsession now, enjoying the biggest number of smart phone apps. Many of them are absolutely free. But what if we tell you that Android is the easiest operating system to hack) and even customized apps such as Gmail can be hacked. Recently it was checked and confirmed that Gmail is one of the top endangered apps, which can be hacked very easily.

This hack is done by disguising malicious software engineered by unfortunately smart people. They created a copy of Gmail app and waited for the victims whoever downloaded that copy to their Android phone. Personal and monetary correspondence would be at the mercy of the programmer. Android devices are vulnerable to hacking that it can be done anywhere any time. For instance, a hacker might have his equipment in his side pocket, all what he has to do in order to hack your Android phone, is to get closer to your device. This literally means that a person that you shake hands with, a passenger who you visit with or even the stranger whose shoulder brushes against yours, can hack all your personal and financial dealings done through Android apps.

It is expert opinion that totally opposite to public opinion, when it comes to security threats, Apple’s iOS is somewhat more immune than Android to hack due to stronger regulations on what they allow to be published in the App Store, according to David Shamath from Times of Israel. Another big problem is Android’s design. Unlike iOS, Android was not designed by a company specializing on mobile operating system. Google is primarily a search engine, and their approach was to design an open-for-all OS. Programmers, developers have much more powers to make the mobile apps work whichever way they want to.

When you read that financial apps for Chase Bank, Amazon or WebMD, big brand names, were found vulnerable to hacking attempts, do you ask how easier it is to hack the rest?

And it doesn't stop there. Advanced cybercriminals can take control of your Android mobile’s mic and camera without needing special equipment or software. This can be done easily through tools, available online for free. This issue has become importance when we realize that Android is the OS used by over 80% of the world’s smart phone users. Do we ask users all to switch to iOS or demand Google to impose a stricter policy on the App Store? The first is unlikely, and the second is absolutely not. Open-source is a good thing and should continue this way. But to continue, we need to deal with current security issues impacting Android users and developers.

Need help or have any question, contact us at support@seacat.mobi and follow us @SeaCatMobi

Photo credit: imcreator


TurboCat.io

Data anonymization tool for GDPR

More information


You Might Be Interested in Reading These Articles

SeaCat and OpenSSL Heartbleed Bug

After almost two and a half year we hope that the Heartbleed remains in the past. It is not true, unfortunately. Now we have proof that a security vulnerability remains with us for a long time, maybe almost forever even when there exist patches and fixes. The Internet is a battlefield among the good, the bad, and the ugly. Who has better attacking or defending technology wins.

Continue reading ...

security

Published on December 20, 2016

Situations Where Mobile App Security Best Practices is Necessary

The use of mobile app security best practices has become a necessity as app development and mobile usage continue to grow. These practices are needed to improve consumer protection, trust, and regulatory compliance.

Continue reading ...

security development

Published on March 24, 2015

OpenSSL DROWN Vulnerability Affects Millions of HTTPS Websites and Software Supporting SSLv2 (CVE-2016-0800)

DROWN is caused by legacy OpenSSL SSLv2 protocol, known to have many deficiencies. Security experts have recommended to turn it off, but apparently many servers still support it because disabling SSLv2 requires non-default reconfiguration of the SSL cryptographic settings which is not easy for common IT people who have limited security knowledge and don’t know the location to disable this protocol and the way to disable it.

Continue reading ...

security bulletin blog

Published on April 12, 2016