Android on PC: On the Security of End-user Android Emulators

Android emulators today are not only acting as a debugging tool for developers but also serving the massive end-users. These end-user Android emulators have attracted millions of users due to their advantages of running mobile apps on desktops and are especially appealing for mobile game players who demand larger screens and better performance. Besides, they commonly provide some customized assistant functionalities to improve the user experience, such as keyboard mapping and app installation from the host. To implement these services, emulators inevitably introduce communication channels between host OS and Android OS (in the Virtual Machine), thus forming a unique architecture which mobile phone does not have. However, it is unknown whether this architecture brings any new security risks to emulators. This paper performed a systematic study on end-user Android emulators and discovered a series of security flaws on communication channel authentication, permission control, and open interfaces. Attackers could exploit these flaws to bypass Android security mechanisms and escalate their privileges inside emulators, ultimately invading users' privacy, such as stealing valuable game accounts and credentials. To understand the impact of our findings, we studied six popular emulators and measured their flaws. The results showed that the issues are pervasive and could cause severe security consequences. We believe our work just shows the tip of the iceberg, and further research can be done to improve the security of this ecosystem.