backtop


Print

Researchers say that some of the 17 apps for Android claiming to search for Heartbleed are fake

Heartbleed has been an interesting topic of discussion for the past few weeks. Just last week, a 19-year-old Canadian was arrested for allegedly hacking into the Canada Revenue Agency (CRA) portal by using Heartbleed.
 
Word has now surfaced that Heartbleed may be ready to cause a significant problem for Android users. Reports indicate that 150 million Android apps are vulnerable to Heartbleed. Security researchers say that while there are 17 Android apps that are able to scan for Heartbleed, at least six of that number use methods of scanning that are insufficient.
 
The findings came from FireEye researchers Yulong Zhang, Hui Xue and Tao Wei. The researchers wrote, "For the Android platform, we find that roughly 150M downloads of Android apps contain OpenSSL libraries vulnerable to Heartbleed."
 
Some versions of Android aren’t vulnerable to Heartbleed, including Jelly Bean 4.1 and 4.1.1, since they don't use OpenSSL or use it in a way where the flawed features susceptible to Heartbleed are disabled by default.
 
Most of the apps that are vulnerable are games according to the researchers.
 
On the plus side, the number of apps vulnerable to Heartbleed has declined according to the researchers since April 10 when 220 million were estimated to be vulnerable.

Source: Recode





"And boy have we patented it!" -- Steve Jobs, Macworld 2007






Most Popular ArticlesHP 280 G2 MT Desktop PC
July 16, 2017, 6:47 AM
LG Aristo – Smart and Innovative
July 17, 2017, 7:05 AM
Dell XPS 27 – Large Screen PC AlO with High-End Performance
July 10, 2017, 7:22 AM
Comparison: Rock64 vs Raspberry Pi 3
July 11, 2017, 6:53 AM
The Best 4K Monitors
July 15, 2017, 6:30 AM

Latest Blog Posts






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki