BACKEND-AS-A-SERVICE


 

ABOUT THE PROJECT

In May 2015 TeamSIK investigated cloud databases like Facebook’s Parse and Amazon’s AWS and found 56 million unprotected data records. We found email addresses, passwords, health records and other sensitive information of app users, which may be easily stolen and often manipulated. App developers use cloud databases to store user data but apparently ignore the security recommendations given by the cloud providers. As a result, many user accounts are threatened by identity theft and other cybercrimes.

Many smartphone apps store user information in cloud databases, for instance to ease synchronization between Android and iOS apps. Cloud providers offer different authentication methods according to the information’s sensitivity. The weakest form of authentication, meant to identify rather than to protect the data, uses a simple API token, a number embedded into the app’s code. With current tools, however, attackers can easily extract those tokens and not only read the data, but often even manipulate it. Some backend credentials allow access to further services such as virtual machines or website hosting. Attackers could, for example, sell email addresses on the underground market, blackmail users, deface websites or insert malicious code to spread malware or build botnets.

Further information about the vulnerability is available online at www.sit.fraunhofer.de/appdatathreat.


PUBLICATIONS

(In-)Security of Backend-As-A-Service Solutions
Siegfried Rasthofer and Steven Arzt
In: Black Hat Europe 2015, November 2015. (pdf, slides, video)

We know what you did this Summer: Android Banking Trojan Exposing its Sins in the Cloud
Siegfried Rasthofer, Carlos Castillo, Eric Bodden, Alex Hinchliffe
In: 18th Association of Anti-virus Asia Researchers International Conference (AVAR) 2015, December 2015. (pdf, slides)

We know what you did this Summer: Android Banking Trojan Exposing its Sins in the cloud
Siegfried Rasthofer, Carlos Castillo, Eric Bodden, Alex Hinchliffe
In: VirusBulletin 2015, November 2015. (slides)

McAfee Labs Threats Report
November 2015. (pdf)


PRESS RELEASES


German Press:


International Press: