Google Approves an App that Steals All Your Data

From: MIT

Google’s automated “Bouncer” for apps, which should prevent harmful mobile software from appearing in the company’s app store, appears to have serious blind spots. The system repeatedly scanned but let pass an app that stealthily steals personal data such as photos and contacts, reported two researchers from computer security company Trustwave at the Black Hat security conference in Las Vegas yesterday.

Nicolas Percoco and Sean Schulte are members of Trustwave’s “ethical hacking” research group, known as SpiderLabs, and they created the app to probe Google’s ability to vet the software uploaded to its app store. The pair said the results shows that Google needs to improve both its app-scanning system and its Android operating system.

, , ,

Comments are closed.