More than 94 per cent of popular Android applications used in the Middle East are potentially vulnerable, according to a new research highlighting security risks in the internal storage used by applications on Google Android devices.

The ‘Android Internal Storage’ is a protected area that Android-based applications use to store private information, including usernames and passwords, said the report from Palo Alto Networks, a leader in enterprise security.

An attacker, however, may be able to steal sensitive information from most of the applications on an Android device using the Android Debug Bridge (ADB) backup/restore function, it said.

In addition, most of the security enhancements added by Google to prevent this type of attack can be bypassed.

The research found that Android has the largest market share of all platforms, at 40 per cent, in Middle East and Africa.

Of the estimated 525.8 million mobile phone owners is the region, this equates to over 178 million phones at risk, it said.

Saeed Agha, general manager, Middle East, said: “We encourage users to be aware and Google to take a closer look at this storage weakness in Android. Given Android’s place as the region’s most popular mobile operating system, millions of users are potentially at risk here in the Middle East and Africa.”

The research recommends Android users to disable USB debugging when not needed, and application developers to protect Android users by setting android:allowBackup to false in each Android application’s AndroidManifest.xml file or restricting backups from including sensitive information using a BackupAgent. - TradeArabia News Service