Researchers presenting at the USENIX Security conference published a paper detailing a side-channel attack that let them steal sensitive user information, such as login credentials and camera snapshots, from Android apps. The apps tested were WebMD, Gmail, Chase, H&R Block, Amazon, Newegg and Hotels.com, a set of popular Android apps that handle sensitive user data.
The researchers – Qi Alfred Chen and Z. Morley Mao from the University of Michigan, and Zhiyun Qian from UC Riverside – describe a weakness in the Android GUI framework, the system component that draws app windows on the screen.
According to their recently released paper, the GUI framework by design allocates each window's drawing buffers in shared memory, and the resulting change in a process's shared-memory usage is visible to any other app through the public /proc filesystem, with no special permission required. By polling that counter, a malicious app can tell when the target app switches screens (an Activity transition), and therefore when something of importance, such as a password field or a camera view, is on the screen, and time its attack to that moment. The researchers found that this method allows them to:
- Unnoticeably hijack the UI state to steal sensitive user input (e.g., login credentials)
- Capture sensitive camera images shot by the user (e.g., personal check photos for banking apps)
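The side channel described above reduces to a few lines of code, which is what makes it alarming. The following is an added illustration written for this article, not the researchers' own attack app: it parses /proc/<pid>/statm (seven page counts, of which the third, shared, is the one that leaks window-buffer allocations), computes how many pages a full-screen window buffer occupies, and flags polls where the shared count grows by roughly one or two such buffers, the footprint a new Activity's window leaves. The 4 KiB page size, the 1080x1920 screen, the 10% tolerance and the polling trace are all assumptions made up for the example; the statm lines are constructed, not captured from a device.

```python
"""Added example, not the researchers' code: inferring Activity transitions
from the shared-memory column of another process's /proc/<pid>/statm.
All statm lines below are constructed, not captured from a real device."""
from __future__ import annotations

from dataclasses import dataclass

PAGE_SIZE = 4096  # assumption: 4 KiB pages, as on the ARM devices of the period


@dataclass(frozen=True)
class Statm:
    """The seven page counts in one /proc/<pid>/statm line."""
    size: int
    resident: int
    shared: int  # the column whose jumps reveal window-buffer allocations
    text: int
    lib: int
    data: int
    dt: int


def parse_statm(line: str) -> Statm:
    """Parse a statm line; refuses anything that is not exactly seven integers."""
    fields = line.split()
    if len(fields) != 7:
        raise ValueError(f"expected 7 statm fields, got {len(fields)}: {line!r}")
    return Statm(*(int(f) for f in fields))


def window_buffer_pages(width: int, height: int, bytes_per_pixel: int = 4) -> int:
    """Pages consumed by one full-screen 32-bit window buffer (ceiling division)."""
    return -(-(width * height * bytes_per_pixel) // PAGE_SIZE)


def detect_transitions(samples: list[Statm], width: int, height: int,
                       tolerance: float = 0.10) -> list[tuple[int, int, int]]:
    """Return (poll_index, buffers_allocated, delta_pages) for every poll where
    shared memory grew by about one or two window buffers. Jitter of a few
    pages and buffer releases (negative deltas) do not match and are ignored."""
    one_buffer = window_buffer_pages(width, height)
    events: list[tuple[int, int, int]] = []
    for i in range(1, len(samples)):
        delta = samples[i].shared - samples[i - 1].shared
        for nbuf in (1, 2):
            expected = nbuf * one_buffer
            if abs(delta - expected) <= tolerance * expected:
                events.append((i, nbuf, delta))
                break
    return events


# Constructed polling trace of a victim process (size resident shared text lib data dt).
# Shared memory idles near 9000 pages, grows by two 1080x1920 buffers (4050 pages)
# when a new Activity is shown, later releases one buffer, then allocates one again.
SAMPLE_STATM = [
    "45000 9800  9000 120 0 6500 0",
    "45000 9810  9003 120 0 6500 0",
    "45010 9820  9010 120 0 6510 0",
    "49100 13900 13060 120 0 6510 0",
    "49100 13905 13062 120 0 6510 0",
    "49100 13910 13065 120 0 6510 0",
    "47100 11900 11040 120 0 6510 0",
    "47100 11905 11045 120 0 6510 0",
    "49150 13950 13070 120 0 6520 0",
]


def load_samples(lines: list[str]) -> list[Statm]:
    return [parse_statm(line) for line in lines]


def read_live_statm(pid: int) -> Statm:
    """Read the real file for a pid. Not exercised here, since the trace above is
    constructed; on the Android versions studied this needed no permission."""
    with open(f"/proc/{pid}/statm") as f:
        return parse_statm(f.read())


if __name__ == "__main__":
    for idx, nbuf, delta in detect_transitions(load_samples(SAMPLE_STATM), 1080, 1920):
        print(f"poll {idx}: +{delta} shared pages ({nbuf} window buffer(s)), likely Activity transition")
```

Run against the constructed trace, the detector reports two transitions (polls 3 and 8) and correctly ignores the buffer release at poll 6. In the real attack this loop would run at a high polling rate against the victim's pid, and the moment a transition into the login Activity is inferred, the attacker's own window would be brought to the foreground. Two caveats: a jump of the right size only says that a window was allocated, so the paper combines it with other signals to tell which Activity appeared, and later Android releases (7.0 and up) mount /proc with hidepid=2, so an app can no longer read another app's statm at all.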
The researchers were able to infer the UI state with a 92% success rate for Gmail and 91% for H&R Block, but only 47% for Amazon, a gap they attribute to the way the Amazon app is designed. Demos of the attack can be found on the researchers’ website at https://sites.google.com/site/uistateinferenceattack/demos.
Importance in the real world
The design the attack relies on, a GUI framework that hands window buffers around through shared memory, is not unique to Android: the researchers note that Microsoft Windows and Mac OS X manage their GUIs the same way, so similar side channels are likely to exist there, although the attack was only demonstrated on Android. However, Android Central editor Phil Nickinson stated that the exploit “was interesting in a theoretical sense, but a lot of things have to happen there for it to be a practical hack”.
Since the attack needs a malicious app already running on the device, and that app requires no suspicious permissions to read /proc, the practical defence is to install apps only from trusted sources, such as the official Google Play store, rather than to rely on reviewing permissions. Also check out our article on Android security for some basic tips on how to keep your phone safe.