Homescreen Applications on Android found vulnerable to Phishing Scams

Last Updated On: May 19th, 2015


Homescreen applications are basically the launchers or widgets you install on your Android device to make it look good, according to your taste. They also provide the user with cool features that make the device more convenient to use. Here Cheetah Mobile (CM) comes into the scene, having found such applications vulnerable to a phishing scam. CM is known to be the best security team for detecting malware and potential threats on Android OS. It also helped in detecting the Hide icon, proxy and some more threats to Android.

And as a personal suggestion, I would really suggest you install CM Security to keep your Android device secure.

Specifically, the Leak Detection System of the CM Security Research Lab discovered a list of applications which can be affected if an attacker wants to execute a phishing scam.

What actually happens?

APUS notification (Example)

When we install an app, it asks for certain permissions, and after we allow them the app gets installed. A user should read the permissions to know what the app can control and have access to.

Here, in this vulnerability, the specific permission involved is android.permission.WRITE_SMS, which allows an app to place messages directly into the local SMS database. Fortunately, the Android system's default messaging app doesn't show an unread message notification for such messages. But the launchers and widgets that were found vulnerable fail to verify the source of the message and hence treat the fake SMS as a real one, displaying it as unread.

So, the user simply opens the message that has been planted by the attacker. An attacker who plans to execute a phishing scam will craft the SMS to look like a legitimate message and use it to lure the user by any means (clicking on a link or getting redirected to a phishing site).

Unread SMS

Normally, this is carried out by sending push notifications over the network, which is an easy task for an attacker; the 3rd-party applications fail to verify the source and so become a vehicle for the phishing scam. The affected applications include launchers and specific notification widgets which you use to get fancy notifications.

Which Android versions are vulnerable?

The android.permission.WRITE_SMS permission is effective on Android versions below 4.4 KitKat. From KitKat 4.4 onwards this has been fixed. So, you can relax if you have KitKat 4.4 or above. But wait! Unfortunately, customized ROMs based on KitKat (like TouchWiz, MIUI etc.) may still be affected, as mentioned by CM Security Research Lab.
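A defender-side check that ties the two points above together (the WRITE_SMS permission and the 4.4 threshold): it parses the output of `adb shell dumpsys package` for apps that request android.permission.WRITE_SMS and rates the device by its API level, as obtained from `adb shell getprop ro.build.version.sdk`. This is an added example, not code from the article or from CM Security; the dumpsys sample is constructed, and the "Package [...]" / "requested permissions:" layout it assumes is how dumpsys prints that section.

```python
import re

# Android 4.4 (KitKat) is API level 19. Below it, any app holding
# android.permission.WRITE_SMS can write straight into the SMS database.
KITKAT_API_LEVEL = 19
WRITE_SMS = "android.permission.WRITE_SMS"

# Constructed sample modelled on `adb shell dumpsys package` output
# (assumption: "Package [name] (hash):" headers and an indented
# "requested permissions:" section under each package).
SAMPLE_DUMPSYS = """\
Package [com.example.launcher] (3f2a1b):
    versionName=1.0
    requested permissions:
      android.permission.INTERNET
      android.permission.WRITE_SMS
      android.permission.READ_SMS
    install permissions:
      android.permission.INTERNET: granted=true
Package [com.example.notes] (7c9d0e):
    requested permissions:
      android.permission.INTERNET
Package [com.example.widget] (1a2b3c):
    requested permissions:
      android.permission.WRITE_SMS
"""

def packages_requesting(dump: str, permission: str) -> list:
    """Return package names whose 'requested permissions' block lists permission."""
    found, current, in_requested = [], None, False
    for line in dump.splitlines():
        header = re.match(r"Package \[([^\]]+)\]", line)
        if header:                       # new package: reset section state
            current, in_requested = header.group(1), False
            continue
        stripped = line.strip()
        if stripped == "requested permissions:":
            in_requested = True
        elif stripped.endswith(":"):     # any other section header closes the block
            in_requested = False
        elif in_requested and current and stripped == permission:
            found.append(current)
    return found

def assess(dump: str, sdk_level: int) -> dict:
    """Rate the device: 'clear', 'vulnerable' (pre-4.4) or 'review' (4.4+, custom ROM risk)."""
    holders = packages_requesting(dump, WRITE_SMS)
    if not holders:
        status = "clear"
    elif sdk_level < KITKAT_API_LEVEL:
        status = "vulnerable"   # stock pre-4.4: third-party writes land in the SMS database
    else:
        status = "review"       # 4.4+ is fixed on stock, but KitKat-based custom ROMs may not be
    return {"sdk": sdk_level, "write_sms_holders": holders, "status": status}
```

Feed it real output with `assess(open("dumpsys.txt").read(), int(sdk))`; a "review" result on a customised ROM is the case the article warns about.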

And there is good news for CyanogenMod users: it is completely safe from this vulnerability. You may also read 5 reasons why CyanogenMod is better than the Stock ROM; if you are not a CyanogenMod user, you should know about it.

Now that you know the vulnerable Android versions and how the attack works, we should also look at which applications CM Security reported to be affected.

The next page lists the applications and custom ROMs affected by this vulnerability.

A freelance tech journo who started TechLegends. He has had bylines at a variety of publications that include Ubergizmo & Tech Cocktail. You will usually see cats dancing to the beautiful tunes sung by him. He is also keeping up with his B.Tech in Comp. Sc.