Top
image: naked security

How shared Android libraries could be weaponized for data theft

August 16, 2017

Android users know the routine: download an app and a box appears asking for permission to talk to other apps. Knowing that the app needs that access to work properly, the user clicks “OK” without a second thought. But what happens when one app abuses that access to tamper with another?

The answer, according to Oxford University researchers Vincent Taylor, Alastair Beresford and Ivan Martinovic, is that the Android device itself can be compromised and the user’s data stolen. They call this kind of attack intra-library collusion (ILC) and describe it this way in a paper they published on August 11:

Read More on Naked Security