Some Android Apps Could Leak Private Data

According to a study released by researchers at the Leibniz University of Hanover, there are a fairly high percentage of Android apps available on Google Play that mean users details could be exposed because of poor coding practice when transferring data over TLS (Transport Level Security) and SSL (Secure Sockets Layer).

The researchers created a special tool called MalloDroid and when coupled with a fake Wi-Fi hotspot, they successfully managed to exploit 1,074 apps (8% of the apps available on Google Play) and were able to retreive personal details such as email accounts, social media logins and bank account details.  In addition, they managed to execute code in order to make other apps behave differently and most worryingly they succeeded to alter requests to transfer funds and hide the changes from users.

The university will be releasing the MalloDroid web app very soon to allow Android users to check for themselves if an application exposes their private data.