AndroBugs Update

 


Results for typical applications on Android

(Disclaimer) This is SOLELY for defensive and informational purposes and research. Any and all results from pen testing apps are my right, as these are installed on my phone and take my data illegally. Any and all damages from others for hacking are neither my responsibility nor my intention.

As discussed in my last post, I am using and testing various methods to create what I call an SSC, or Secure Software Catalogue, as is required by ITIL in the Service Design portion of the ITIL standards, version 3. The software catalogue is a means by which to supply people in an organization with approved software and, in the courses and trainings I give, for secure IT Asset Management and Configuration. Why? Well, according to my research, many apps (actually most) spy on you and “take” data and samples of data, which 99% of people do not realize. This “may” be correct for someone that gives you a free application, but I believe most people don’t realize what they are doing and what they are actually paying with. There are no free applications (in my opinion), since you pay with your data and you are being analyzed each and every day (often without your consent).

Let’s take Google Android and the subsystem of applications that the store offers to its users. These applications contain components that allow Google as well as the application creator to collect data on what you do, how you do it and even (a suspected function that I still have to verify with facts) capture discussions that you have, which are logged on your phone even in standby. One way we have verified this is to use multiple installs of Android in standard firmware and modified firmware. The modified firmware (OS) had a very small subset of Google logic in it, which also protected the phone’s users and added confidentiality as compared to fully stock firmware that contained all Google apps and APIs. Some tests verified that discussions were listened in on and interpreted by Google, because shortly after these discussions exactly tailored emails and commercial materials were sent to the phones. This is (IMHO) a violation of multiple rights on a global and national scale, as this data is considered confidential at the very least and even up to top secret if Android phones are used by Agency Personnel or the DoD of any nation. I assume many people don’t understand this and what type of data collection and access to private information it involves. This is even scarier if you think about Nation States that may use these vulnerabilities in functions and redundant code to reverse engineer the OS functions and misuse these to spy on family members and innocent civilians. This fact is one of the main reasons for releasing the information.

So, based on all this and the tests, I wanted to see how many “standard” apps I could test and classify as “safe” in a normal use case. I believed that using a subset of applications that I “had” installed on my phone was a great start. So I downloaded and installed typical apps that almost everyone has:

WhatsApp, Google Drive, Dropbox, AV solutions, Bank Apps, RSA SecurID (OTP / Tokens), Facebook, Google Apps, Music Apps, VPN software, Webex, Biometrics, etc. I found some really surprising results pretty much across the board.

I am adding a few reports in this post so that you can review them and then let me know what you think.

Please use this information for defense and for security awareness; don’t use it for hacking. I have thought very long and contacted multiple vendors (some never replied back), and I believe the risks are so high that not releasing the information would be irresponsible. I by no means have earned any money from this and am not profiting from this information besides doing the (unpaid) research to protect my data and information. I accept no responsibility for what anyone does with this information and am not responsible for any damages or attacks that result from offensive use of my research. I am also not judging the companies that created the software, nor am I saying anyone should attack them or the applications.

Your 1D10T (Security Noob)

Some more reports:
