View article

Android platform is gaining explosive popularity. This leads developers to invest resources to maintain the upward trajectory of the demand. Unfortunately, as the profit potential grows higher, the chances of these Apps getting attacked also get higher. Therefore, developers improved the security of their Apps, which limits attackers ability to compromise upgraded versions of the Apps. However, developers cannot enhance the security of earlier versions that have been released on the Play Store. The earlier versions of the App can be subject to reverse engineering and other attacks. In this paper, we find that attackers can use these earlier versions as attack vectors, which threatens well protected upgraded versions. We show how to attack the upgraded versions of some popular Apps, including Facebook, Sina Weibo and Qihoo360-Cloud-Driven by analyzing the vulnerabilities existing in their earlier versions. We …