Backend Vulnerabilities Found in Top 5,000 Free Android Apps: Report

Researchers from Georgia Institute of Technology and The Ohio State University studied only applications in the Google Play Store.

Advertisement
By Indo-Asian News Service | Updated: 13 August 2019 19:14 IST
Highlights
  • The vulnerabilities were found in the backend systems
  • 655 instances of zero-day vulnerabilities spotted
  • The researchers have created an automated system to help developers
Backend Vulnerabilities Found in Top 5,000 Free Android Apps: Report

Researchers discovered 983 instances of known vulnerabilities on apps listed on Google Play Store

Cybersecurity researchers have identified more than 1,600 vulnerabilities in the support ecosystem behind the top 5,000 free apps available in the Google Play Store.

While the researchers from Georgia Institute of Technology and The Ohio State University studied only applications in the Google Play Store, applications designed for iOS may share the same backend systems.

The vulnerabilities were found in the backend systems that feed content and advertising to smartphone applications through a network of Cloud-based servers.

The vulnerabilities, affecting multiple app categories, could allow hackers to break into databases that include personal information - and perhaps into users' mobile devices, said the study scheduled to be presented at the 2019 USENIX Security Symposium in the US on Thursday.

Advertisement

"These vulnerabilities affect the servers that are in the cloud, and once an attacker gets on the server, there are many ways they can attack," said Brendan Saltaformaggio, Assistant Professor in Georgia Tech's School of Electrical and Computer Engineering.

The researchers were still investigating whether attackers could get into individual mobile devices connected to vulnerable servers.

Advertisement

"It's a whole new question whether or not they can jump from the server to a user's device, but our preliminary research on that is very concerning," Saltaformaggio added.

In their study, the researchers discovered 983 instances of known vulnerabilities and another 655 instances of zero-day vulnerabilities spanning across the software layers - operating systems, software services, communications modules and web apps - of the Cloud-based systems supporting the apps.

Advertisement

To help developers improve the security of their mobile apps, the researchers have created an automated system called SkyWalker to vet the Cloud servers and software library systems.

SkyWalker can examine the security of the servers supporting mobile applications, which are often operated by Cloud hosting services rather than individual app developers.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cybersecurity, Ohio State University, Georgia Institute of Technology
Chandrayaan-2 to Leave Earth Orbit Tomorrow After Trans Lunar Insertion
Advertisement

Related Stories

CloudSEK Raises $19 Million in Latest Funding Round, Plans to Scale AI Models and Platform Integration
19 May 2025
Google Identifies Lostkeys, a Russian Malware That Can Steal Specific Files and Directories
12 May 2025
LockBit Ransomware Group Reportedly Suffers Data Breach, Extortion Tactics Revealed
9 May 2025
Bharat Web3 Association to Host Web3 Cybersecurity Workshop in Bengaluru on May 8
2 May 2025
Microsoft Uses Security Copilot to Identify 20 Flaws in Open-Source Bootloaders
2 April 2025

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Google I/O 2025: Here Are All the Major AI Announcements
  2. HP Launches OmniStudio X All-in-One PC With Intel Core Ultra 7 CPU
  3. Retro OTT Release Reportedly Revealed: When and Where to Watch it Online?
  4. Alcatel V3 Pro 5G, V3 Classic 5G Teased Ahead of May 27 India Launch
  5. iQOO Pad 5 Pro With Dimensity 9400+ SoC Debuts Alongside iQOO Pad 5
  6. Inheritance OTT Release Date: When and Where to Watch Spy Thriller Movie Online?
  7. Android 16 Release: All You Can Expect from Google's Upcoming OS Update
  8. Infinix GT 30 Pro 5G With MediaTek Dimensity 8350 Ultimate SoC Launched
  9. Oppo Reno 14 Series to Arrive With Integrated Google Gemini Features
#Latest Stories
  1. Cyberpunk 2077 Sequel Will Feature a Second City in Addition to Night City, Says Series Creator
  2. Trump Memecoin Holders Set to Dine With US President, Tron Founder Justin Sun Confirms Attendance 
  3. Amazon Working on Large Foldable Device Similar to Huawei MateBook Fold Ultimate: Ming-Chi Kuo
  4. Infinix GT 30 Pro 5G With MediaTek Dimensity 8350 Ultimate SoC, 5,500mAh Battery Launched: Price, Features
  5. Google Announces SynthID Detector That Can Identify Gemini-Generated Content at Google I/O 2025
  6. Realme Buds Air 7 Pro Global Launch Set for May 27; Colours, Key Features Revealed
  7. iQOO Watch 5 With 1.43-Inch AMOLED Display and TWS Air 3 With Up to 45 Hours of Total Battery Life Launched
  8. Google Outlines Vision for Universal AI Assistant, Expands Project Astra and Project Mariner
  9. Xiaomi to Equip Premium Smartphones With Snapdragon 8-Series Chips as Part of Multi-Year Agreement
  10. Hong Kong Passes stablecoin Bill, One Step Closer to Issuance
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.