Researchers hack Gmail app with 92% success rate

An engineering research team from U.S. claims that Gmail can be hacked successfully up to 92 percent. They also mentioned that they have a method to hack apps. The most important thing thats been allowing the apps to be hacked to that level according to the belief of researchers is there exists weakness in Andriod, Windows & iOS mobile operating systems. And with these Andriod, Windows & iOS operating systems unsuspectingly hackers mostly use to retrieve personal information.

Researchers have taken a step ahead & also tested their method on seven popular apps: Gmail, Amazon, Newegg, Hotels.com, H&R Block, WebMD & an app from Chase bank. They have founded out a deadly fact that out of these seven popular apps: Gmail, CHASE Bank and H&R Block can be hacked up to 82 to 92 percent of the time.

These researchers have published their full report at Security Conference held in San Diego with a name “Peeking into Your App without acutually Seeing It: UI State Inference & Novel Android attacks on 22 August. And the authors of the report are Zhiyun Qian, of the Computer Science and Engineering Department at University of California; Z. Morley Mao, an associate professor at the University of Michigan; and Qi Alfred Chen, a Ph.D. student working with Mao.

Researchers could hack Amazon up to 48 percent. From the above data its now clear for us that: Gmail stands first with its most vulnerbility of 92% success rate of hacking data. And Amazon stoods at last with lowest vulnerability hacking rates. And as per the researchers this lowest vulnerability is caused as the Amazon apps allows the activities in such away that its one single activity will be lead to many other activities, because of this transition of activities it becomes very hard to detect the activity the app is been using for.

Researcher’s reports states that: Researchers reports states that: they are for sure, could able to hack check images of Chase app at 83% success rate and even can hack all the personal data like address & Social Security numbers from H&R Block at 92% success rate, Newegg (86% ), WebMD (85%), Hotels.com (83%) and Amazon (48%) apps. Though the researcher’s reports state about these seven Android apps vulnarability of hacking. But researchers said that even the apps of other operating system may also come under their vulnerability of hacking.

Here’s an instance to understand how easily a hack may occur even without coming in to our notice: Here the hacker tries to steal the data through sending an untrusted app to the user & the user unknowingly goes for the installation. And that untrusted app may appear to the user as harmless, as that untrusted app may be a phone wallpaper.

Though some smartphone experts have not taken these researchers statements too serious. But here goes the opinions of some major representatives:

• “I certainly think the report is credible,” cybersecurity analyst Michela Menting said in an email. “If a researcher or a hacker looks hard enough, there will be ways to exploit any number of vectors within an application.”
• When CNBC approached Gmail, Representatives said they will look into the matter.
• Representatives of Chase and WebMD said the issue was an operating system vulnerability rather than an app problem.
• Newegg.com said the study shows the need for “everyone in the mobile space to work together to ensure security.
• “H&R Block’s Gene King said there was no indication that any client data had been compromised. “H&R Block takes privacy and security very seriously, and we are in contact with appropriate parties to address these reports,” King said.
• Remaining companies has not been responded.
• “It was interesting in a theoretical sense, but a lot of things have to happen there for it to be a practical hack,” Android Central Editor-in-Chief Phil Nickinson said via Twitter.
• Menting, an analyst at ABI Research, said the level of technical knowledge required for the attacks would probably prevent widespread use of the hack method.
• Brian Blair said “As secure as we thought we were a year or two ago, we’re seeing another wave across app platforms everywhere”.
• Analyst at Rosenblatt Securities. “We’re going to have to have app developers create a layer of new security. There’s not much I see consumers can do. We have to wait for all companies that store our info to upgrade.” He added that consumers will probably start looking more into state-of-the-art identification protection services.
• Zhiyun Qian, one of the researcherer adviced consumers to “avoid installation of untrusted apps”. 
• Adam Levin, founder and chairman of Identity Theft 911 and Credit.com, responded: “Users should be cautious and only download apps from trusted sources—big, popular apps are hacker magnets,” he said in an email. “Do a routine check of your smartphone and tablet, especially if you have little ones using the device, to ensure only apps that can be trusted are the only ones installed. Immediately uninstall apps that appear to be from unknown sources or are not necessary”.