Chaining Exploits with Mobile Applications

If someone were to tell you that you have a mobile application on your phone that allows you to record audio, would you be concerned? It may alarm you, but that in and of itself is not enough to say the application is not secure. There are too many variables: What is the function of the application? Is the user aware of when he/she is being recorded? Is there a way to retrieve the audio remotely?

Now let’s change the scenario. What if the application also allowed you to send SMS text messages? If it allows the sending of text messages, then the risk is enhanced a malicious attacker, with full access to the application, may be able to record audio without your knowledge and send out that audio via an SMS text message. A chained exploit is one by which an attacker combines multiple attack vectors to launch a sophisticated attack that would otherwise be insignificant if only one attack vector was utilized.

Being able to connect the dots and evaluate overall risk by combining possible attack vectors is a must. You need to make intelligent decisions regarding the risk of installing an application in your enterprise. Mi3 Security doesn’t just point out vulnerabilities and let you spend the time pouring over findings so that you can try to analyze the risk yourself; it identifies the risk for you so that you can eliminate the threat.

Mi3 Security does this by using a sophisticated algorithm to intelligently analyze an application. Both the application itself, as well as Open Source Intelligence (OSINT) is factored into the equation to offer a realistic risk perspective. For example, Mi3 Security’s research labs have analyzed the top 500 Android applications and, of those that allow the recording of audio, 1 in 5 have permissions to send SMS messages. Combining the ability to record audio and send messages means an attacker may be able to leverage these permission settings to eavesdrop on your conversations and send it to someone else unbeknownst to you a clear privacy risk.

Of course, these two alone may not be a clear indication that this type of chained exploit is even possible. That is why Mi3 Security looks at thousands of settings and risk categories to determine if a mobile application poses a real-world threat. After evaluating applications with these permission settings, other contextual configurations, and OSINT, Mi3 Security has determined that 90% of those applications with permissions to record audio and send text messages are a serious risk, while 10% of the applications with these permissions do not have the other pieces of the puzzle to make this a real-world risk.

This is the magic of Mi3 Security’s AppInterrogator within just a few minutes, you have an expert advisor informing you if the combined vulnerabilities fall within your accepted threshold or if they post a risk, when combined, that poses a significant risk outside of your acceptable risk threshold. Mi3 Security eliminates the risk by helping you avoid the threat in the first place.