Blog

Widely popular Android AppLock application by DoMobile Ltd. is claimed to be vulnerable to Hackers.
 
AppLock Android app enables users to apply a security layer to their devices, which locks and hides the SMS, Gallery, Gmail, Facebook, Calls and any app installed on the device.

 

Few of its features are:
 
  • Protecting apps either in a PIN number form or a pattern lock
  • Providing users a Photo Vault to hide pictures
  • Providing users a Video Vault to hide videos
  • Creating different user profiles, easy to change the locks
  • Preventing apps from being uninstalled
  • AppLock cannot be killed by task killers
This acts as an advance protection for your device, by securing many features that come with an android phone.
 
But, does this really protects you?
 
Let’s have a look…
 
Security researchers at Beyond Security’s 'SecuriTeam Secure Disclosure' (SSD) have reported three critical flaws reside in the AppLock App.
 
They say, the app that promises to hide and secure your data lacks when:
  • You hide your photos and videos in Vault
  • You apply PIN Protection to the AppLock App
  • You enable reset the PIN
The First vulnerability exploits the vault services with which the “AppLock empowers you to control photo and video access”.
 
The researchers say, when you put something in the vault, the files did not get encrypted, rather they are hidden in the file system of the device and not the one assigned to the app.
 
With this activity, anyone can access those files and an intruder can accomplish this task by installing a file manager on the device with simultaneously replacing some files in the directory and getting the data from the SQLite database.
 
The Second vulnerability allows an attacker to break the PIN attached to an app by brute forcing. The researchers claim that the SALT that used to attach with the password/PIN was a fixed SALT that is “domobile”.
 
For this, the device is required to be rooted. Also, an attacker can remove and change the lock applied to an app.
 
The Third vulnerability allows the attackers to reset the PIN code and gain complete access to the targeted application without getting any special permissions.
 
Here, the researchers say that an attacker can exploit the user’s privacy by resetting the password by:
 
  • If the user has not provided any E-mail address- an attacker can add his own and get the reset code.
  • If the user has provided an E-mail address- an attacker can intercept the traffic using Wireshark and get the MD5 hash.

SecuriTeam tried to contact the vendor, but they did not respond. Also, they say their agenda is to protect the user’s privacy by notifying them about a “false sense of security”.
 
AppLock is installed in over 50 countries with over 100 Million users, supporting 24 languages. Besides AppLock, DoMobile develops various apps supporting on Android and iOS operating system devices.

 

Bought a brand new Android Smartphone? Don't expect it to be a clean slate.
 
A new report claims that some rogue retailers are selling brand-new Android smartphones loaded with pre-installed software.
 
Security firm G Data has uncovered more than two dozens of Android smartphones from popular smartphone manufacturers — including Xiaomi, Huawei and Lenovo — that have pre-installed spyware in the firmware.

 

G Data is a German security firm that disclosed last year the Star N9500 Smartphone's capability to spy on users, thereby comprising their personal data and conversations without any restrictions and users knowledge.
 

Removal of Spyware Not Possible

 
The pre-installed spyware, disguised in popular Android apps such as Facebook and Google Drive, can not be removed without unlocking the phone since it resides inside the phone's firmware.
"Over the past year, we have seen a significant [growth] in devices that are equipped with firmware-level [malware and spyware] out of the box which can take a wide range of unknown and unwanted actions," Product Manager Christian Geschkat from G Data said in a statement.

Spyware Capabilities

 
The spyware is capable of doing the following actions:
 
  • Listening in to telephone conversations
  • Accessing the Internet
  • Viewing and copy contacts
  • Installing unwanted apps
  • Asking for location data
  • Taking and copying images
  • Recording conversations using the microphone
  • Sending and reading SMS/MMS
  • Disabling Anti-Virus software
  • Listening in to chats via messaging services (Skype, Viber, WhatsApp, Facebook and Google+)
  • Reading the browser history

Third-Party Vendors or Intelligence Agency?

 
Unlike the Star devices, the security firm suspects third party vendors or middlemen (retailers) and not the manufacturers to be behind modifying the device firmware to steal user data and inject advertisements to earn money.
 
The possibilities may also include unintentional infection via compromised devices in the supply chain or intentional interference by government intelligence agencies.
 

Affected Brands

 
The affected Smartphone brands include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido. Most of the suspected models are sold in Asia and Europe.
 
However, this isn't the first time Chinese handsets come with pre-installed spyware. Back in March, the mobile security firm Bluebox found pre-loaded malware on Xiaomi Mi4 LTE. To which Xiaomi said the compromised handsets were high-quality counterfeits.
 
Late last year, researchers from Palo Alto Networks discovered that the high-end devices from Coolpad came pre-installed with the backdoor, dubbed "CoolReaper," sold exclusively in China and Taiwan.

 

Google is planning to introduce a trimmed down special version of Google Play Store and Android Wear to The Mainland China.
 
But wait, if I’m not wrong…
 
Google had ended ties with China five years ago. Then what made Google to re-establish itself in China once again? Business??
 
Recent reports by Amir Efrati at The Information state that Google has massive plans to re-establish itself in the Mainland China.
 
The search engine giant is aiming to get approval from China (the largest populated country in the world) for:
  • Reviving Google as the Internet service provider
  • Designing a tailor-made Google play store for China
  • Android Wear software for the wearable existing in China

Smart steps, though, but what happened back in 2010?

 
Google and China always contradict each other, China's Internet laws and Google's censoring the search engine was one battle.
 
In 2010, Google famously retracted its search engine Google.cn from Mainland China, after they made accusations of the Chinese government for the data theft of unspecified intellectual property from their internal systems.
 
They suspected that some state-sponsored hackers conducted a targeted cyber attack on Google's Gmail, which China later denied.
 
Was it a mistake then, or is it the start of a new chapter now?; Why take a U-turn? Let bygones be bygones...Google must break the ice soon.
 
See what a month old Google's CEO Sundar Pichai has to say about it.