Abstract
Wi-Fi hotspot-based data clone services are increasingly used by Android users to transfer their user data and preferred configurations while upgrading obsolete phones to new models. Unfortunately, since the data clone services need to manipulate sensitive information protected by the Android system, vulnerabilities in the design or implementation of these services may result in data privacy breaches. In this paper we present an empirical security analysis of eight widely used Wi-Fi hotspot-based data clone services deployed to millions of Android phones. Our study evaluates the data export/import, data transmission, and Wi-Fi configuration of those services against the security requirements that the data clone procedure should satisfy. Since data clone services are closed source, we design Poirot, an analysis system to recover workflows of the data clone services and detect potential flaws. Our study reveals a series of critical security issues in the data clone services. We demonstrate two types of attacks that exploit the data clone service as a new attack surface. A vulnerable data clone service allows attackers to retrieve sensitive user data without permissions, and even inject malicious content to compromise the system.
Ma, S., Li, H., Yang, W., Li, J., Nepal, S., & Bertino, E. (2020). Certified Copy? Understanding Security Risks of Wi-Fi Hotspot based Android Data Clone Services. In ACM International Conference Proceeding Series (pp. 320–331). Association for Computing Machinery. https://doi.org/10.1145/3427228.3427263