Hacking Gmail With 92 Percent Success

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Researchers have identified a weakness in Android, Windows and iOS mobile operating systems that can be hacked 82% to 92% of the time. :eek:

The researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested. Among the apps they easily hacked were Gmail, CHASE Bank and H&R Block. Amazon, with a 48 percent success rate, was the only app they tested that was difficult to penetrate.
Click to expand...
 
Yeah so they assume iOS is affected and can't test it but go ahead and claim its vulnerable anywway.

First the attack has to pass Apple control and get approved.
 
The attack works by getting a user to download a seemingly benign, but actually malicious, app, such as one for background wallpaper on a phone.
Click to expand...

Yeah no shit geniuses. You mean downloading malware on my phone has the potential to compromise my private data? HOW? NO?! NEVER!

BTW i've discovered a smartphone hack that works 100% of the time on all users: When you see someone logged into their gmail, hit them in the back of the head with a brick and steal their phone. Works every time. Very low cost to perform.

</cynicism>
 
Not surprised UC Riverside is desperately seeking attention. They're rehashing malware on PC but on mobile devices.
 
mastaBlasta said:
Yeah no shit geniuses. You mean downloading malware on my phone has the potential to compromise my private data? HOW? NO?! NEVER!

BTW i've discovered a smartphone hack that works 100% of the time on all users: When you see someone logged into their gmail, hit them in the back of the head with a brick and steal their phone. Works every time. Very low cost to perform.

</cynicism>
Click to expand...

exactly what I was thinking, except I was wondering why they can't get their virus errrr.... "hack" to work 100% of the time, plus they need to be monitoring the activity in real time. Come on guys, this is a simple man in the middle attack so just put a memory key logger with random cloud storage updates and voila the AI will clean your data and you can show up in the morning with all your userid's/passwords of the idiots who downloaded your virus.... ugh
 
So don't download worthless apps for setting wallpapers. Hello. :rolleyes:
 
They're late to the party. They could just give Google some money to get legal access to all the stuff that gets sent back home when you use any of their products or services.
 
BunnyKillBot said:
Erm Android?
Click to expand...

When looking at market share however, Ash is sure to count Android as Linux. Saying that Android is equivalent to desktop Linux is like saying that two completely different houses are the same because they have a crawlspace foundation.

At any rate, any OS would be vulnerable to this kind attack once the malware got installed, including Linux. It's basically intercepting whatever data it can from a running program. That's easy for to do for a desktop OS.
 
I'm one of those weird guys who still doesn't even own a smartphone and still has a big desktop I guess.
 
I'm really sorry but as a Blackberry fan and user of a Z10 I say "HAH" to all those mobile phone systems :p
 
heatlesssun said:
When looking at market share however, Ash is sure to count Android as Linux. Saying that Android is equivalent to desktop Linux is like saying that two completely different houses are the same because they have a crawlspace foundation.

At any rate, any OS would be vulnerable to this kind attack once the malware got installed, including Linux. It's basically intercepting whatever data it can from a running program. That's easy for to do for a desktop OS.
Click to expand...

Linux runs on many devices. Linux is just the kernel. Everything else is just fluff. That fluff is what you can install to 'infect' the device if you want. Be it Linux desktop, server, Blu-ray player, POS device, whatever. You install a program that does something, and it will do that something. They are just making that program look legit to get people to download and install it. But, the user is the one installing it.
 
B00nie said:
Yeah so they assume iOS is affected and can't test it but go ahead and claim its vulnerable anywway.

First the attack has to pass Apple control and get approved.
Click to expand...

Well Apple QC did pass that baby shaker app so all things are possible;)
 
Sounds stupid, the attack was actually pretty impressive.

They used a zero permission app (ok it had network perms) that hijacked the UI with zero visual clues. I thought it was pretty clever, this is an issue that I absolutely agree Google should address.
 
You must log in or register to reply here.
Back
Top