The privacy is sold expensive and it’s clear that no matter how many security meassures have the platforms, hackers are always one step ahead and this week we saw how truw it is. The brand Syamantec have discovered that 3 popular applications of Google Play, once installed, the made non-voluntary clicks and advertisments on a background, a forbidden activity, obviously, by the rules of the app store. The worst is not to have discovered this act, it is the fact that hackers have been doing this for more than a year without anyone noticing.
Apple and Google fight to protect the privacy and security from their users against threats like the adware, malware and virus, and they do it for obvious reasons; the prestige of the platform is on stake and it’s a war where they can lose a lot so there’s no jokes there. In this way, google hastaken very serious the improvement of the security of Google Play (after being accused to be less secure than the App store of Apple) and at the beginning of the year they announced that the meassures used achieved to “repair” more than a million of apps, a nice way to say “we repaired some vulnerabilities in the apps.”
A new method of data stealing.
Symantec have pointed with their finger to the refering apps: Idea Note, a scan with recognition of OCR texts and Beauty Fitness, an app to make physical training at home. Both had 2 things that made them a complete success in the store: they were free, by one hand (in exchange for a few ads), and they offered a high added value, by the other hand. However, the free status was not exactly true because both included code lines which the system made click in the inserted publicity without the knowledge of the user. This activity on the background presented 2 inconvenients: the first, and the most important, that along with the click, the announcer received information of the user without their permission, and the second, that with that amount of ads was derived to a excessive activity in the background with their respective impact on the battery and slowing the system.
They made a risk for the user’s privacy.
From Symantec refer ti this big incident as a “new tactic” to obtain fraudulently an economic performance at the cost of the user’s privacy and the said that the impact has not been precisely little because it is said that both apps have been downloaded like 1 million and a half times. Is this technique being used also in the iphone? From Symantec, Christopher Sahner, spokesman from the company, says to EL PAIS that it is not the case: “If it were like this, it would have been mentioned in the research”, he said. Being said that, if the hackers have achieved to surpass the security barriers of a platform, how can the user protect himself?
First is to detect a posible unconfirmed activity, if you observe “a sudden battery drop, a slowdown in the system or a big increase in the data consumption”, we can be object of an attack of this kind, as explained Sahner. The brand recommends, as a general meassure, keeping always the system updated, to make security backups and never install apps from sources that are not 100% secure.