As we all know, Android phones have become very popular because of their appeal in the market and Google's open-source model. Users can now download and install an application from any unknown source without knowing whether it is a harmful app or not.
The many Android security patches you have received on your phone show how vulnerable the platform is; even after those patches are applied, some issues have not yet been identified, so be careful when downloading any application or granting access permissions to unwanted applications.
[Image: Vulnerabilities]
Expert testing of Android mobile applications has shown that in most cases insecure data storage is the most common security flaw. According to the report, vulnerabilities are somewhat more frequent in Android applications than in iOS and Windows applications (43% vs 38%), but the experts say the difference is minimal and the level of security on both platforms is about the same.
Comprehensive security checks of mobile applications have found vulnerabilities on both the client and the server side, and in the transmission of data between them.
Vulnerabilities in Android App:-
There is huge growth 📈 in mobile application development. Most of these systems have a client-server architecture, and the most widely used client operating systems are Android and iOS.
From the user's point of view, a mobile app is what is installed on the smartphone and what the user interacts with to pay a bill or read email. But there is another aspect: the server, or host, of that application, where the app's database is stored.
Currently, Android phones come with a very advanced and complex security mechanism. By default, the files and folders inside the mobile system can only be accessed with the permission of the user who owns the phone. But sometimes developers, when writing code, introduce vulnerabilities into the application that allow hackers to exploit it.
Mainly There Are Two Aspects:-
Vulnerabilities at Client-Side
- 60% of vulnerabilities are found on the client side.
- 89% of vulnerabilities can be exploited without physical access.
- 56% of vulnerabilities can be exploited without administrative rights.
[Image: Attackers Malicious App]
7 Top 🔝 vulnerabilities are as follows:-
1. Binary Protection:-
Nowadays many of us want to root our devices without knowing the drawbacks. The benefits are small: a rooted device can install applications that are not available for unrooted devices, increase the available memory, or delete built-in system applications. What users often do not realise is that once a device is rooted, any kind of malicious application can run on it, and forensic applications also run only on rooted devices.
Once your device is rooted you may see suspicious or unusual behaviour: applications opening automatically, your calls being recorded, data leaving the device without your permission, or applications being downloaded onto your phone without your permission. These are the most dangerous activities that can take place on a rooted phone, so please be aware of them.
[Image: Binary Protection]
Recommended solution
Best practice is not to allow the application to run on jailbroken or rooted devices. You can also check whether the device is rooted and apply enforcement and risk mitigation to protect the data within the application from being exposed.
2. Insufficient Transport Layer Protection:-
Applications frequently fail to encrypt network traffic when it is necessary to protect sensitive communications. Encryption must be used for all authenticated connections, especially Internet-accessible web pages. Backend connections should be encrypted as well, or they risk exposing an authentication or session token to malicious actors on the same network as the application host. These backend connections may represent a lower likelihood of exploitation than a connection over the external Internet; however, their impact in the case of exploitation can still result in a compromise of user accounts or worse.
[Image: Transport Layer Protection]
Solution Recommended
Encryption should be used whenever sensitive data, such as credit card or health-related information, is transmitted. Applications that fall back to plaintext, or that can otherwise be forced out of an encrypting mode, can be abused by attackers.
Ensure the application has a security constraint that defines confidentiality and integrity-based secure transport guarantee. This will ensure that all data is sent in a manner that guarantees it cannot be observed or changed during transmission. If TLS must be terminated at a load balancer, web application firewall, or other in-line hosts, it should re-encrypt the data in transit to the target hosts.
3- Insufficient Authorization/Authentication:-
Insufficient Authorization results when an application does not perform adequate authorization checks to ensure that the user is performing a function or accessing data in a manner consistent with the security policies.
Authorization procedures should enforce what a user, service, or application is permitted to do. When a user is authenticated to a website, it does not necessarily mean that the user should have full access to all content and functionality.
[Image: Authorize]
Solution Recommended:-
Enforce a proven authorization framework scheme that emphasizes the policy-based configuration files over hard-coded authentication/authorization checks wherever it is possible.
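As an added illustration of the policy-based approach recommended above (example code, not from the original post), the server-side handler below grants access only through an explicit policy entry and denies everything else. The POLICY table stands in for a configuration file, and the users and bills are constructed sample data.

```python
"""Policy-driven, deny-by-default authorization check (added example).

POLICY stands in for a configuration file that would normally be loaded
from disk; users, roles and bills below are constructed sample data.
"""
from dataclasses import dataclass

# Constructed policy: role -> set of (action, resource_type, constraint).
# A constraint of "owner" means the caller must own the resource;
# "any" means the role may act on every resource of that type.
POLICY = {
    "customer": {("view", "bill", "owner"), ("pay", "bill", "owner")},
    "support": {("view", "bill", "any")},
    "admin": {("view", "bill", "any"), ("pay", "bill", "any"), ("delete", "bill", "any")},
}

@dataclass(frozen=True)
class User:
    user_id: str
    role: str

@dataclass(frozen=True)
class Bill:
    bill_id: str
    owner_id: str
    kind: str = "bill"

def is_allowed(user: User, action: str, resource: Bill) -> bool:
    """Deny by default: only an explicit policy entry grants access."""
    for rule_action, rule_type, constraint in POLICY.get(user.role, set()):
        if rule_action != action or rule_type != resource.kind:
            continue
        if constraint == "any":
            return True
        if constraint == "owner" and resource.owner_id == user.user_id:
            return True
    return False

def pay_bill(user: User, bill: Bill) -> str:
    """Server-side handler: the check is enforced here, not in the app UI."""
    if not is_allowed(user, "pay", bill):
        return "forbidden"  # being authenticated alone grants nothing
    return f"bill {bill.bill_id} paid"
```

Adding a new role or permission means editing the policy table, not hunting for hard-coded checks scattered through handlers.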
4- Cryptography-Improper Certificate Validation:-
The application is either not validating SSL/TLS certificates or is using an SSL/TLS certificate validation system that does not correctly verify that a trusted provider issued the certificate. The client should be configured to drop the connection if the certificate cannot be verified or is not provided. Any data exchanged over a connection where the certificate has not been properly validated could be exposed to unauthorized access or modification.
[Image: Encryption/Decryption]
Solution Recommended:-
Ensure that your application's certificate validation is configured to correctly verify that a certificate is provided and that it comes from a trusted source, such as a reliable Certificate Authority. Alternatively, implement the latest certificate transparency standards approved by the IETF or the CA/B Forum.
5- Brute Force – User Enumeration:-
There are numerous ways for an attacker to determine whether a user exists in the system. A brute force attack is a method of determining an unknown value by using an automated process to try a large number of possible values. The attack takes advantage of the fact that the entropy of the value is smaller than perceived.
For example, while an 8-character alphanumeric password can have 2.8 trillion possible values, many people will select their passwords from a much smaller subset consisting of common words and terms.
If error messages change when the username and/or password are submitted incorrectly, an attacker can determine the existence of a valid username/email address based on any differences in the error messages.
[Image: Brute Force]
Solution Recommended:-
The user enumeration vulnerability typically occurs in the following functionality: Login, Registration, or Forgot Password. The application should not reveal whether a username is valid. The response to valid and invalid input in either field should be completely identical.
For example, instead of “Sorry, your password is invalid”, a proper response might say: “Sorry, your username or password is incorrect. Please try again.”
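To show the difference between the two responses above in working code (an added example, not from the original post), the leaky handler below answers differently for an unknown username and a wrong password, while the uniform handler returns one generic message and does the same amount of password-hashing work in both cases. The user store and credentials are constructed sample data.

```python
"""Login responses that do and do not reveal whether a username exists
(added example; the user store below is constructed sample data)."""
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed user store: username -> (salt, password hash)
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}

# Dummy credential so an unknown username still costs one hash computation,
# which keeps the response time from revealing whether the user exists.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("unused", _DUMMY_SALT)

def login_leaky(username: str, password: str) -> str:
    """Vulnerable pattern: the message tells the caller which usernames exist."""
    if username not in USERS:
        return "Sorry, that username does not exist"
    salt, stored = USERS[username]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return "Sorry, your password is invalid"
    return "OK"

GENERIC_ERROR = "Sorry, your username or password is incorrect. Please try again."

def login_uniform(username: str, password: str) -> str:
    """Hardened pattern: identical message and identical work for both failures."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    ok = hmac.compare_digest(_hash(password, salt), stored)
    # The membership check matters: a guess that happens to match the dummy
    # credential must not log an unknown user in.
    if ok and username in USERS:
        return "OK"
    return GENERIC_ERROR
```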
6- Insufficient Session Expiration:-
After a user signs out of an application, the identifiers that were used during the session are supposed to be invalidated. If the server fails to invalidate the session identifiers, other users can use those identifiers to impersonate that user and perform actions on his behalf.
[Image: Session Expired]
Solution Recommended:-
First, it is a best practice to ensure a logout button is implemented in the application; second, when the user clicks this button, their session must be properly invalidated on the server.
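The server-side half of that recommendation, as an added example that is not part of the original post: a session store whose identifiers stop working once the user logs out or the session reaches its absolute lifetime. The time-to-live and the injectable clock are assumptions made for the example.

```python
"""Server-side session store that invalidates identifiers on logout and on
expiry (added example; the clock is injectable so expiry can be exercised)."""
import secrets
import time
from typing import Callable, Dict, Optional

class SessionStore:
    def __init__(self, ttl_seconds: int = 900, clock: Callable[[], float] = time.time):
        self._ttl = ttl_seconds
        self._clock = clock
        self._sessions: Dict[str, dict] = {}  # token -> {"user": ..., "expires": ...}

    def create(self, user: str) -> str:
        token = secrets.token_urlsafe(32)  # unguessable session identifier
        self._sessions[token] = {"user": user, "expires": self._clock() + self._ttl}
        return token

    def user_for(self, token: str) -> Optional[str]:
        """Return the user of a live session, or None if unknown, expired or logged out."""
        session = self._sessions.get(token)
        if session is None:
            return None
        if self._clock() >= session["expires"]:
            del self._sessions[token]  # absolute expiry is enforced server-side
            return None
        return session["user"]

    def logout(self, token: str) -> None:
        """Invalidate the identifier on the server; the client forgetting it is not enough."""
        self._sessions.pop(token, None)

    def logout_all(self, user: str) -> int:
        """Invalidate every session of a user, e.g. after a password change."""
        doomed = [t for t, s in self._sessions.items() if s["user"] == user]
        for t in doomed:
            del self._sessions[t]
        return len(doomed)
```

A logout that only clears the token on the device leaves the entry in this store alive, which is exactly the impersonation window the section describes.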
7- Information Leakage- Application Cache:-
Sensitive data can be leaked from application caches through the main application code or third-party frameworks. Mobile devices present a unique challenge to secure data storage. The devices can be easily lost or stolen. Many users do not lock their devices. The cached data can be viewed by an attacker who is performing data forensics on the physical device.
[Image: App Cache]
Solution Recommended:-
Ensure that sensitive data is not accidentally leaked through the cache. Developers can prevent this by creating a threat model for the OS, framework, and platform to check and verify how data is handled during URL caching, keyboard press caching, logging, copy/paste caching, app backgrounding, browser cookie objects, HTML5 data storage, and analytic data that is sent to the server or to any other app.