Researchers have found a weakness in Google’s popular Android operating system that let them hack into Gmail accounts with a 92% success rate.
The vulnerability extends to a number of other apps including H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon, according to their study. In most cases, their technique succeeded 80-90% of the time. Amazon’s app was the most difficult to crack at 48%.
The hack begins when a user downloads malicious software disguised as a seemingly harmless app like background wallpaper app. Next, the masquerading app exploits a common feature of operating systems—shared memory —to figure out what users are doing on their smartphones.
When timed properly—say, just as a user is entering a username and password, or snapping a picture of a personal check—a hacker can launch a phishing attack. Users think they’re punching their passwords into an app like Gmail, Amazon or Chase, but they’re…
View original post 178 more words