Black Hat 2011: Google Android as vulnerable to drive-by downloads as PCs claims Dasient Research

According to Neil Daswani, CEO of the research firm, he and his colleagues Gerry Esienhaur, Michael Gagnon and Tufan Demir have been working on a major set of research, and the Android platform in particular has some major security problems.

After analysing around 10,000 apps downloaded from the Android Market, Daswani says his research team found that 842 of them are leaking personal information.

The research, he claims, raises a number of concerns about the security of mobile applications and devices, as well as the personal information of the people who use them.

The report - Mobile Malware Madness, and How to Cap the Mad Hatters: A Preliminary Look at Mitigating Mobile Malware - highlights the fact that drive-by downloads are another major issue for Android users to contend with.

"Our research indicates that mobile devices and applications are subject to a number of security considerations that may cause them to leak personal data, or expose users to infection via malicious drive-bys", said Daswani.

"These issues need to be recognised immediately, both by those who write mobile applications and by the people who use them", he added.

Delving into the smartphone report reveals that many of the 842 leaky apps transmitted the IMEI/IMSI serial number pairs that identify the user's mobile phone and SIM card account to the cellular networks. This, Daswani says, potentially exposes personally identifying information to compromise.

The leaks, says the report, occurred most frequently when application developers used IMEIs as user IDs, enabling unrelated applications to compare notes on user behaviour, and clone users' phones.

Mobile drive-by attacks, meanwhile, says Daswani, can become a very real new threat vector for malware distributors.

Dasient's security team prototyped a mobile drive-by attack for Android. While drive-bys on desktop PCs on the web are very common, Daswani says that the ability to conduct mobile drive-by attacks is a new, and potentially attractive, method of deployment for malware distributors.

"Mobile devices and applications are becoming a more popular platform for malware creation and distribution", he said.

"It's likely that we are on the threshold of another new wave of malicious attacks, and the time to start preparing is now", he added.
