Smartphones have become ubiquitous for a range of social, financial, and personal endeavors, as well as for accessing sensitive resources like confidential files from organizations. Nevertheless, this extensive usage has also exposed smartphones to multiple security risks posed by malicious adversaries who intend to breach user accounts or steal personal information. In particular, high-profile individuals or organizations are susceptible to targeted attacks. Previous research has identified various vulnerabilities that can be used to compromise smartphones and access users’ confidential information. A prominent example, known as the “Android Debug Bridge (ADB) vulnerability,” is widely recognized because it enables an attacker to remotely access and manipulate an Android smartphone and perform malicious activities. However, the existing body of literature lacks a comprehensive examination of the implications of this vulnerability for modern authentication systems, web-based password managers, and financial and e-commerce applications.
In this paper, we shed light on this area and evaluate the security of multi-factor authentication systems, browser-based password managers, and popular financial and e-commerce applications. For this purpose, we introduce the BadAuth attack, which exploits a set of ADB utilities. Our results reveal the susceptibility of secure authentication systems and browser-based password managers to a sophisticated attack, even on a non-rooted device running the latest Android version. Furthermore, our research exposes the alarming ability of adversaries to access all passwords stored by browser-based password managers, thus paving the way for more severe attacks, including large-scale breaches within organizational settings. Additionally, our assessment underscores potential privacy and security risks for financial apps under BadAuth attacks, along with possible risk mitigation strategies.
Mobile Login Bridge: Subverting 2FA and Passwordless Authentication via Android Debug Bridge.