• Home
  • Apps
  • Apps News
  • Researchers Hack Into Gmail and Other Apps With 92 Percent Accuracy

Researchers Hack Into Gmail and Other Apps With 92 Percent Accuracy

Share on Facebook Tweet Share Reddit Comment
Researchers Hack Into Gmail and Other Apps With 92 Percent Accuracy
A team of US engineers has developed a method that allows them to successfully hack into apps including Gmail up to 92 percent of the time.

They have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users.

Researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested.

Among the apps they easily hacked were Gmail, CHASE Bank and H&R Block.

Amazon, with a 48 percent success rate, was the only app they tested that was difficult to penetrate.

Once a user downloads a bunch of apps to his or her smart phone they are all running on the same shared infrastructure, or operating system.

"The assumption has always been that apps cannot interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user," explained Zhiyun Qian, an assistant professor at University of California's Riverside Bourns College of Engineering.

The attack works by getting a user to download a seemingly benign, but actually malicious app, such as one for background wallpaper on a phone.

Once that app is installed, researchers were able to exploit a newly discovered public side channel - the shared memory statistics of a process, which can be accessed without any privileges.

Shared memory is a common operating system feature to efficiently allow processes share data.

Augmented with a few other side channels, the team showed that it was possible to fairly accurately track in real time which activity a victim app is in.

"This method will work on other operating systems because they share a key feature researchers exploited in the Android system," Qian noted.

The paper was scheduled to be presented at the 23rd USENIX Security Symposium in San Diego Friday.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: Apps, Gmail, Google, Hack, Hackers, Hacking
Swing Copters the Latest to Get Lost in a Sea of Clones in App Stores
Google Search for Android Updated to Add Multilingual Voice Search
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.