Hack Android using Normal Permissions & Broadcast Receivers

Presented at CarolinaCon 2014 by

In this work, we investigate the risks of permissions with the normal protection level when they are used with broadcast receivers. Android broadcast receivers allow applications to register to listen for system events (e.g. receiving a call or a message). We first conduct an extensive study of the evolution of Android broadcast actions across all releases, examining their overhead and permission requirements. We then study the implications of including broadcast receivers in third-party applications for battery life and user privacy. Finally, we implement a malicious Android application in an effort to compromise user privacy. The study finds that the number of broadcast actions has increased by 64% since Android's first release. We also find that user privacy can be compromised using broadcast receivers that require only normal permissions. Moreover, uncontrolled registration of broadcast receivers can drain the device battery, which can be frustrating. Existing security and privacy tools have to consider new attack types and techniques.