Many Android apps contain 'open port' flaw putting your device at risk
- Open port flaw turns your Android device vulnerable.
- Researchers from The University of Michigan have released a technical paper explaining the flaw.
According to a study conducted by a group of researchers from The University of Michigan, most Android apps that are used to connect the device to PCs via Wi-Fi could deem it vulnerable.
Your devices can be exploited easily via these apps that are available to download on the Play Store. The report mentions Wi-Fi File Transfer as one of them. Wi-fi File Transfer allows users to connect to an open port on their phone via Wi-Fi, and access files like photos, application data, and anything stored on the phone’s SD card.
The team has designed and implemented OPAnalyzer, a static analysis tool which can effectively identify and characterise vulnerable open port usage in Android applications.Using the tool, the study involves scanning over 1000,000 Android apps. Out of these, 1632 created open ports to connect to PCs and 410 apps were low on security.
"From OPAnalyzer output, we uncover 410 vulnerable applications with 956 potential exploits in total, and manually confirm 57 vulnerable apps that have not been previously reported, including popular ones on the market and even a pre-installed app on some device models. These newly-discovered exploits can lead to a large number of severe security and privacy breaches. For example remotely stealing sensitive data such contacts, photos, and even security credentials and performing malicious actions such as executing arbitrary code and installing malware remotely," the report reads.
Users can protect the app by avoiding apps listed in the report.