• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Current News   »   HTC flaw leaks data of Android smartphone users

HTC flaw leaks data of Android smartphone users

  • Posted on:October 10, 2011
  • Posted in:Current News, Vulnerabilities & Exploits
  • Posted by:
    Trend Micro
0

Mobile security experts have revealed that several models of HTC smartphones running on Android operating systems may have serious vulnerabilities that could compromise sensitive user data.

According to CNET, the HTC Evo 3D, Evo 4G and Thunderbolt smartphones contain a security glitch that allows mobile applications to gain access to personal data including text messages, GPS location, email addresses and phone numbers.

The vulnerability appears to be associated with data logging tools included in the operating system's latest update. According to Android Police, these utilities allow HTC to collect a wide range of data that may be used to inform future improvements. However, manufacturers may have opened a serious data security loophole as a result.

"It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door," according to Android Police contributor Artem Russakovskii.

Since the issue arose, security experts have discovered that the danger goes deeper than originally expected. According to the news source, any application that connects to the web or integrates advertisements could potentially acquire full access to a user's system logs, IP address and a limited history of GPS data points.

"HTC takes our customers' security very seriously and we are working to investigate this claim as quickly as possible," company officials said earlier this week, according to InformationWeek. "We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."

The manufacturer was alerted of the issue late last month, according to Russakovskii, but has been slow to take action. In the meantime, the security expert suggests that users exercise extreme caution when downloading and using mobile applications. While suspicious looking apps should always be avoided, even those that are more reputable may be able to intercept sensitive data due to this specific threat.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. Android data security may move to center stage
  2. Android hardware faults could create data protection challenges
  3. Malware scares still plaguing Android users
  4. Voice technology leaks data online

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.