A new report claims that around 99.7 percent of phones using Google’s mobile operating system contain a security hole that can enable hackers to send unencrypted personal data. Mobile devices using the Android operating systems have a weakness that could allow hackers to gain "full access" to private information such as calendar, contact information, and "private web albums,” according to a research group from Germany’s University of Ulm. The security hole could also give hackers the ability to view, modify or delete contacts, calendar events, and private pictures. Thankfully, the security flaw only affects individual phones.
In a new research paper, researchers at the University of Ulm detailed the flaw, testing it for vulnerabilities. They found that some Android applications could transmit unencrypted data, allowing others to "eavesdrop" any of the transmitted information. Researchers were tested to see if they could hack into Android data using a simple third-party application. Apparently they found a lot of success in completing the exercise.
“We wanted to know if it is really possible to launch an impersonation attack against Google services and started our own analysis,” researchers said. “The short answer is: Yes, it is possible, and it is quite easy to do so.”
The hack was tested on various versions of the Android operating system including 2.1, 2.2, 2.2.1, 2.3.3, 2.3.4 and 3.0. Phones used in the test included the Nexus One, HTC Desire, HTC Incredible S, and newly released tablet the Motorola XOOM.