Danger is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps
This work addresses security risks for Android app users by revealing widespread SSL vulnerabilities, though it is incremental as it builds on prior studies of mobile platform security.
The paper conducted a measurement study on SSL vulnerabilities in 100 popular Android apps, finding that 32 apps accept all certificates and hostnames, 4 transmit sensitive data unencrypted, and up to 91% are vulnerable to man-in-the-middle attacks, exposing credentials and personal details.
This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our experiments show that, although prior work has drawn a lot of attention to SSL implementations on mobile platforms, several popular apps (32/100) accept all certificates and all hostnames, and four actually transmit sensitive data unencrypted. We set up an experimental testbed simulating man-in-the-middle attacks and find that many apps (up to 91% when the adversary has a certificate installed on the victim's device) are vulnerable, allowing the attacker to access sensitive information, including credentials, files, personal details, and credit card numbers. Finally, we provide a few recommendations to app developers and highlight several open research problems.