Tag: mobile security news

Metaforic identifies threat of Android applications

| January 22, 2013

Metaforic identifies Android app threat100% of Android applications compromised, according to Metaforic

All of the most popular mobile applications for the Android platform may have been hacked, according to Infosecurity, an online resource for security information. This possibility is being echoed by Metaforic, a leading mobile security provider, which suggests that the likelihood of a person downloading a compromised application has risen exponentially over the past few years. Metaforic notes that as more compromised applications become available, they could create a serious security threat against major enterprises and even government agencies.

Lack of standards and wide variety of development practices seed potential threats

Application development has changed over the years and developers have adopted myriad practices in order to conduct their tasks. Because there are so many ways to create a mobile application, there is limited standardization that exists to protect the integrity of these applications and ensure they live up to a certain expectation. Metaforic notes that most, if not all, applications becoming compromised because of app repackaging. Repackaging refers to programs that are part of applications that automatically install software across a wide variety of platforms.

Few consumers take steps to protect their mobile devices

Another issue that is causing significant problems in the mobile security sector is the fact that very few people actually protect their smart phones and mobile devices. The vast majority of consumers do not have any kind of security software installed on their devices, leaving them at risk of having their device infected by malware or exploited in other ways. While most mobile devices have some form of internal security, third party software is often needed to completely ensure the security of a smart phone or tablet.

Metaforic advises consumers to find ways to protect themselves

Many of the compromised applications available for the Android platform are likely dormant in some fashion. That is to say that the threats associated with these applications have not yet been activated. Indeed, these threats may never actually take form, but given the fact that so many applications have been compromised — in many cases long before they have actually reached the app market — it may be prudent for consumers to find new ways to protect themselves.

Mobile security flaw discovered in Samsung devices

| December 23, 2012

Mobile Security Problems SamsungDevelopers find mobile security flaw with Samsung Android devices

Developers associated with XDA Developers, a mobile software development community with over 4 million users worldwide, have found a serious mobile security flaw in recent Samsung mobile devices. One developer, going by the username “Alephzain,” discovered that many Samsung devices that use Google’s Android operating system. The security flaw allowed Alephzain, as well as other developers, to access all of the physical memory contain within a Samsung device. Developers were able to access this memory because of an exploit that provided then with root level permissions.

Flaw could make information vulnerable to theft

Mobile security has been gaining serious attention lately, largely due to the types of information that are stored on mobile devices. A typical smart phone or tablet contains a user’s personal information, such as name, address, and birth date, all of which can be used in identity theft. Mobile devices are quickly becoming mobile payment platforms as well, which means they can store a user’s financial information, such as credit card and bank account numbers. This information is highly valuable to a hacker.

Galaxy S III among most vulnerable devices

According to XDA Developers, the Samsung devices that are most vulnerable are the Galaxy S III, the Galaxy S II, The Galaxy Note II, and Meizu MX. Devices that make use of the Exynos processor are also likely to have some degree of mobile security vulnerabilities. Several developers associated with the community have informed Samsung of the serious security flaw, with one going so far as to hack several mobile devices in order to prove that the flaw exists. There are no known Android malware applications that exploit this particular vulnerability.

Financial information could be at risk

Samsung’s Galaxy S III is one of the most popular smart phones in the world currently, having become a major competitor against the iPhone 5 shortly after its launch. Part of the reason the device is so popular is because of its use of NFC technology for data sharing and mobile commerce. When used to make payments, the device stores a consumer’s financial information. The glaring mobile security flaw that seems to have slipped past SamsungĀ  may have put the financial information of millions of Galaxy S III owners at risk.