Researchers from a pair of German universities conducted a study of android apps and found that over 15% of them had weak or bad SSL implementations. This can leave the apps vulnerable to man-in-the-middle attacks, which could compromise users’ data, such as bank credentials, and other sensitive information. The researchers also built a proof-of-concept tool called MalloDroid, which they used to demonstrate that it was in fact possible to carry out an attack.