Security-conscious Android users who diligently download malware-free applications from reputable marketplaces are still susceptible to data theft thanks in part to lazy, careless, or otherwise poor programming practices. We're not just talking about suspect, bottom-dwelling apps of the Google Play Market, either: Around 8 percent of the store's 13,500 most-popular free apps -- representing more than 185 million installs worldwide -- contain SSL/TLS code that's potentially vulnerable to MITM (man in the middle) attacks through which cyber thieves can swipe user's log-in information, credit card numbers, documents, and other sensitive information.
A team of Germany researchers conducted a recent study (PDF) called "Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security ." As the title implies, the team discovered various forms of SSL/TLS misuse among a host of popular Android apps. Developers commonly embrace SSL or TLS to protect data during communication on the Android platform, according to the researchers; unfortunately, developers don't always implement SSL correctly for its intended usage and threat environment.
For the study, the team analyzed 13,500 popular Android apps using MalloDroid, an extension of the Androguard reverse engineering framework. MalloDroid is capable of detecting potential vulnerabilities for MITM attacks, such as checking which types of permissions an app requires, how an app uses networking API calls, and how it treats HTTP and HTTPS. The tool also downloads and evaluates SSL certificates and assesses validation.
Of the 13,500 scanned apps, the team found 1,074 that were potentially vulnerable. The researchers went on to manually audit 100 of those apps, and they were able to successfully launch MITM attacks against 41 of them to gather a variety of sensitive information.
For instance, developers may choose for their apps to trust all certificates, regardless of who signed them or for what subject they were issued. They also may choose to allow all hostnames, meaning the application forgoes checking whether a certificate was issued for the device's address. Further, developers have the luxury of choosing to mix secure and insecure connections in the same application -- or to not use SSL at all, according to the researchers.
"This is not directly an SSL issue, but it is relevant to mention that there are no outward signs and no possibility for a common app user to check whether a secure connection is being used," according to the report. "This opens the door for attacks such as SSL stripping [i.e. replacing https with insecure http]."
These misuses or nonuses of SSL and TLS open the door to the aforementioned MITM attacks, both passive -- where the attacker can only eavesdrop on communication -- and active, where the attackers can tamper with the communication.
Specifically, researchers found that 21 of their 100 selected apps were set to trust all certificates. By giving their MITM attack proxy a self-signed certificate for the attack, the researchers were able to swipe such information as log-in credentials, webcam access, and banking data.
They noted one particular generic online banking app with as many as a half million users that uses separate classes for each bank containing different trust implementation. Twenty-four of the 43 banks supported were not protected from the team's attack. (The team didn't specify the name of the app, presumably to prevent widespread exploitation of the vulnerability.) The team also found a browser with an install base between 500,000 and 1 million users that mishandles SSL and trusts all certificates, thereby leaking any data the user enters.