McAfee: Popular Mobile Apps Remain Vulnerable to MiTM Flaws Found Last Year

Intel Security’s McAfee Labs is reporting that the vast majority of the most popular mobile apps found to be vulnerable to man-in-the-middle (MitM) attacks in research performed last year remain exposed to attacks.

The McAfee report revisits an analysis performed by Carnegie Mellon University’s Computer Emergency Response Team (CERT). In September, CERT revealed that more than 20,000 Android applications failed to validate SSL certificates, leaving users vulnerable to attackers. A spreadsheet of the affected applications can be found here.  

According to McAfee Labs, nearly three-quarters of the 25 most downloaded apps on CERT’s list are still unpatched.

“Specifically, we dynamically tested the top 25 downloaded mobile apps that had been identified as vulnerable by CERT in September to ensure that usernames and passwords are no longer visible as a result of improper verification of SSL certificates,” according to the McAfee report. “To our surprise, even though CERT notified the developers months ago, 18 of the 25 most downloaded vulnerable apps that send credentials via insecure connections are still vulnerable to MITM attacks.”

“The most downloaded vulnerable app in this group is a mobile photo editor with between 100 million and 500 million downloads,” the report continues. “The app allows users to share photos on several social networks and cloud services. In late January, McAfee Labs tested the most current version of the app downloaded from Google Play using CERT Tapioca; we were able to intercept the app’s username and password credentials entered to log into the cloud service to share and publish photos.”

While the researchers did not find evidence that these apps had been exploited, the cumulative number of downloads for the apps ranges into the hundreds of millions.

“Mobile devices have become essential tools for home to enterprise users as we increasingly live our lives through these devices and the applications created to run on them,” said Vincent Weafer, senior vice president of McAfee Labs, part of Intel Security, in a statement. “Digital trust is an imperative for us to truly engage with and benefit from the functionality they can provide. Mobile app developers must take greater responsibility for ensuring that their applications follow the secure programming practices and vulnerability responses developed over the past decade, and by doing so provide the level of protection required for us to trust our digital lives with them.”

The latest findings were included in the McAfee Labs Threat Report: February 2015, which also revealed that mobile malware samples jumped 14 percent during the final quarter of 2014. Asia and Africa led the way with the highest infection rates. In addition, at least eight percent of all McAfee-monitored mobile systems reported an infection in the fourth quarter of last year, with much of the activity tied to the AirPush ad network.

In addition to mobile security, the report touched on the Angler exploit kit, which grew in popularity among attackers in the second half of 2014. The full report can be read here.
