Researchers hack Gmail app



US researchers have claimed that in over nine out 10 cases, they managed to successfully hack Gmail accounts by disguising harmful software as another app on an Android smartphone.

The researchers were able to access several apps, including Google's popular email service, by disguising harmful software as another app – and Gmail happened to be one of the easiest to access.

While this hack was carried out on an Android phone, the team believes that it could be performed on all smartphones.

"Third-party research is one of the ways Android is made stronger and more secure," said a Google spokesperson, the tech giant having reportedly welcomed the findings.

The research is to air at a cybersecurity event in San Diego, two academics from the universities of California and Michigan on presentation duties.

The other affected apps included Newegg, Chase Bank, WebMD, H&R Block, Hotels.com and Amazon – which, with a 48 per cent success rate, was the hardest to crack.

The hack works by getting into the shared memory of a user's smartphone with malicious software disguised as an apparently normal app. By monitoring the shared memory, the researchers could see when a user was operating apps such as Gmail, providing a window to steal passwords and login details.

"The assumption has always been that these apps can't interfere with each other easily," said Zhiyun Qian, an assistant professor at the University of California and one of the hacking team.

"We show that assumption is not correct, and one app can in fact significantly impact another and result in harmful consequences for the user."

Apple and Windows smartphones use shared data in the same way as Android, the team say, suggesting the hack could be used elsewhere.




More

3 Critical Things To Do If You Are Letting (You Are) IoT Into Your Home

I had an email exchange with Timur Kovalev, CTO of Untangle , on IoT and the focus was what 3 things are critical to anyone building a Smarthome. Since I have a Smartphone, which doesn’t always work as it should, to me the subject was topical. So let’s get to it. Figure out what’s connected and what’s calling home : Timur wrote “If you don't know which devices are connecting to your network, you can't properly secure them. Consider putting a firewall with application-level visibility at the gateway to prevent malicious access attempts while giving you a deeper view into what requests your...

Xiaomi MiBand 2 Hands On and Price

Xiaomi has finally introduced the Mi Band 2 and I am impressed.

S Korea Issues Warrant Against Volkswagen Exec in Emissions Probe

4,400 Korean consumers have filed a lawsuit against Volkswagen demanding compensation over false emissions claims.