Android handsets from several OEMs allow hackers to sniff user location data and record phone calls, says a group of researchers from NCSU.
Xuxian Jiang, Assistant Professor at North Carolina State University, and his team has published a paper entitled Systematic Detection of Capability Leaks in Stock Android Smartphones (PDF), elaborating how Android smartphones from HTC, Motorola, Samsung and even Google contain code that exhibits powerful capabilities to untrusted applications.
The study found that apps could go around security defenses that give users an option to allow permissions before a certain app can access user data.
Interfaces and several services that Android phone makers add on top of Google’s stock firmware was responsible for the leaks.
To identify the leaked permissions, the NCSU team created a tool called Woodpecker.
The paper says, “Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions.”
“By exploiting them, an untrusted application can manage to wipe out the user data, send out SMS messages, or record user conversation on the affected phones – all without asking for any permission,” it adds.
The researchers found that the HTC EVO 4G has eight explicit leaks, the HTC Legend with six, the HTC Wildfire S and Motorola Droid X with four each, the Samsung Epic 4G with three, and the Motorola Droid and Google’s Nexus One and Nexus S each with one leak.