Hundreds of Android apps on the Google Play Store have been identified as vulnerable to open port malware attacks. Some of the apps in question have tens of millions of installs, putting millions of users at risk.

Researchers from the University of Michigan have identified 410 apps from the Google Play Store as susceptible to open port attacks, which can allow attackers to steal user data and install malware on users’ handsets remotely. Most of the apps identified by the researchers are extremely popular, and one of them is pre-installed on some smartphones, according to The Independent.

“An open port (or a listening port) is a communication endpoint for accepting incoming connections in computer networking model, typically used by server applications to handle requests from remote clients,” the researchers said in their report. “However, these ports can also be connected by malicious clients if not carefully protected, exposing potential vulnerability in the server software to remote exploitation.”
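
As an added illustration (not part of the researchers' report or their tool): on Linux-based systems such as Android, the kernel lists TCP sockets in `/proc/net/tcp`, and the Python script below parses a constructed sample of that table to show which listening ports belong to installed apps and are bound to a non-loopback address. The sample rows, the function names and the UID threshold (valid for the device's primary user) are assumptions of this example; it shows that a port is open, not whether the service behind it is protected.

```python
import socket
import struct

# Constructed sample in the Linux /proc/net/tcp format (not captured from a real device).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:22B8 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 41234 1 0000000000000000 100 0 0 10 0
   1: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10087        0 40011 1 0000000000000000 100 0 0 10 0
   2: 0501A8C0:A3F2 0101A8C0:01BB 01 00000000:00000000 00:00000000 00000000 10123        0 42777 1 0000000000000000 100 0 0 10 0
   3: 0501A8C0:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 39002 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A      # kernel state code for a listening socket
FIRST_APP_UID = 10000  # assumption: primary user, where installed apps get UIDs from 10000 upward


def decode_endpoint(field):
    """Turn 'HHHHHHHH:PPPP' into (dotted IPv4, port); the address is little-endian hex."""
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(proc_net_tcp):
    """Return one dict per socket in the LISTEN state."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 8 or int(cols[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_endpoint(cols[1])
        uid = int(cols[7])
        found.append({
            "ip": ip, "port": port, "uid": uid,
            "is_app": uid >= FIRST_APP_UID,
            # Loopback listeners cannot be reached from other hosts on the network.
            "remote_reachable": not ip.startswith("127."),
        })
    return found


def exposed_app_ports(proc_net_tcp):
    """Listening ports owned by installed apps and bound to a network-facing address."""
    return [(s["uid"], s["ip"], s["port"]) for s in listening_sockets(proc_net_tcp)
            if s["is_app"] and s["remote_reachable"]]


if __name__ == "__main__":
    for uid, ip, port in exposed_app_ports(SAMPLE_PROC_NET_TCP):
        print(f"uid {uid} listens on {ip}:{port}")
```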

To put it simply, an open port is a vulnerability within an app’s code. It’s best described as a crack in a wall through which hackers can get into the app, gain access to the user’s data and even install malware on their phones, according to Digital Trends.

The researchers were able to identify the 410 apps that are vulnerable to this kind of attack by using a custom tool called OPAnalyzer to scan 24,000 apps from the Google Play Store.

“OPAnalyzer successfully classifies 99% of the mobile usage of open ports into 5 distinct families, and from the output, we are able to identify several mobile-specific usage scenarios such as data sharing in physical proximity,” the researchers said. “In our subsequent vulnerability analysis, we find that nearly half of the usage is unprotected and can be directly exploited remotely. From the identified vulnerable usage, we discover 410 vulnerable applications with 956 potential exploits in total.”

Although millions of Android users are currently at risk of open port attacks, there’s no information on whether any have been affected yet. The researchers didn’t name any of the apps vulnerable to this attack, but said that they have already informed developers about it. If that’s the case, many of these apps could be updated in the near future to patch the vulnerability.

There appears to be no way of identifying whether an app is vulnerable to such attacks. However, one way to make sure that an app is secure is by only downloading it from the official Google Play Store. Another way of preventing this kind of attack is by not using apps that are capable of connecting a smartphone to a PC over WiFi.

A few months ago, it was discovered that the AirDroid app had an authentication flaw that gave hackers access to open ports. AirDroid allowed users to transfer files from their smartphone to their PC over WiFi. AirDroid’s flaw was eventually patched. Some of the apps that the researchers from the University of Michigan have identified as vulnerable to open port attacks also offered some of the same features found in AirDroid, as pointed out by XDA Developers.