/plushcap/analysis/snyk/snyk-exploring-android-intent-based-security-vulnerabilities-google-play

Exploring intent-based Android security vulnerabilities on Google Play

What's this blog post about?

Researchers from Snyk Security Team have discovered intent-based Android security vulnerabilities within applications uploaded to Google Play store. These vulnerabilities involve intents, objects used for launching operations by components of an app. Intents are utilized for internal and external communication between apps, which can lead to injection and redirection attacks resulting in leaking private data stored by the app. The team analyzed top applications across 50 categories on Google Play store and found vulnerabilities in various popular apps including a shopping app, a social network app, and more. These intent-based security issues are similar to SQL injections or cross-site scripting (XSS) attacks in web applications.

Company
Snyk

Date published
May 18, 2021

Author(s)
Raul Onitza-Klugman

Word count
1495

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.