Researchers analysing Google’s Play Store apps using a specially-written ‘crawling’ tool uncovered serious security problems that would have allowed attackers to compromise social media and other accounts as well as steal the credentials used by developers running on Amazon’s Web Services (AWS).
The
paper by Professor Jason Nieh and PhD student Nicolas Viennot of Columbia University created a powerful automated tool dubbed ‘PlayDrone’ to decompile 100 billion lines of code relating to the Play store’s 1.1 million apps, 880,000 of which were free.
