Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could prevent tampering by hackers.Researchers from antivirus vendor Kaspersky Lab took seven of the most popular Android apps that accompany connected cars from various manufacturers, and analyzed them from the perspective of a compromised Android device. The apps and manufacturers have not been named.The researchers looked at whether such apps use any of the available countermeasures that would make it hard for attackers to hijack them when the devices they’re installed on are infected with malware. Other types of applications, such as banking apps, have such protections.The analysis revealed that none of the tested applications used code obfuscation to make it harder for attackers to reverse-engineer them, and none of them used code integrity checks to prevent malicious manipulation.
Källa: Insecure Android apps put connected cars at risk | Computerworld
0 kommentarer