Express Computer
Home  »  News  »  Scientists hack into Gmail with 92 per cent accuracy

Scientists hack into Gmail with 92 per cent accuracy

0 408

Scientists have developed a novel method that allowed them to successfully hack into Gmail with up to 92 per cent accuracy.

A team of researchers, including an assistant professor at the University of California, Riverside Bourns College of Engineering, have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users.

They demonstrated the hack in an Android phone.
The researchers tested the method and found it was successful between 82 per cent and 92 per cent of the time on six of the seven popular apps they tested.

Among the apps they easily hacked were Gmail, CHASE Bank and H&R Block. Amazon, with a 48 per cent success rate, was the only app they tested that was difficult to penetrate.

The researchers believe their method will work on other operating systems because they share a key feature researchers exploited in the Android system.

The researchers believed there was a security risk with so many apps being created by so many developers. Once a user downloads a bunch of apps to their smartphone they are all running on the same shared infrastructure, or operating system.

“The assumption has always been that these apps can’t interfere with each other easily,” Zhiyun Qian, of the Computer Science and Engineering Department at UC Riverside said.

“We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user,” said Qian.

The attack works by getting a user to download a seemingly benign, but actually malicious, app, such as one for background wallpaper on a phone.

Once that app is installed, the researchers are able to exploit a newly discovered public side channel – the shared memory statistics of a process, which can be accessed without any privileges.

The researchers monitor changes in shared memory and are able to correlate changes to what they call an “activity transition event,” which includes such things as a user logging into Gmail or taking a picture of a check so it can be deposited online.

Augmented with a few other side channels, the authors show that it is possible to fairly accurately track in real time which activity a victim app is in.

There are two keys to the attack. One, the attack needs to take place at the exact moment the user is logging into the app or taking the picture.

Two, the attack needs to be done in an inconspicuous way. The researchers did this by carefully calculating the attack timing.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image