Researchers at the University of Michigan and the University of California, Riverside, say they discovered a phone hack that allows them access to mobile Gmail accounts with a 92 percent success rate. That's not to say the bad news ends with your smartphone's e-mail.
As CBS reported:
The researchers detailed a new type of hack, which they call a UI [user interface] state interference attack. A UI state interference attack simply means that the hacker can run the malicious app in the background without the user knowing.
First, you would have to download such a malicious app, thinking that it was harmless. And then the party would begin:
The researchers say it could allow a hacker to steal a user's password and social security number, peek at a photo of a check on a banking app, or swipe credit card numbers and other sensitive data.
The list of vulnerable apps is nothing to sneeze at. As the BBC pointed out:
Other apps hacked included H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon.
While the hack was only conducted on an Android phone, as CNet notes, "the team believes that the method could be used across all three operating systems because all three share a similar feature: all apps can access a mobile device's shared memory."
Deceived by our shared memory. It's almost poetic.
This article is from the archive of our partner The Wire.