Bluebox Labs discovers four year old Android bug that can be
employed by malware to duplicate established apps.
Security researchers from Bluebox Labs have declared that
they have found a four year old Android bug that could be exploited by malware to
camouflage themselves as established apps and take over a user’s gadget. The
researchers assert that the bug lets malevolent software to alter the code of
an APK file without leaving proof, this means that all that a user will need to
do to be affected is set up the app on a gadget.
The Bluebox team states that the bug has survived since
Android 1.6 (Donut). Nevertheless, a hacker can’t issue the tailored app
through Google Play as the app store has been patched to authenticate the
contents of all apps downloaded. It still emerges to be a grave crisis since
installing apps from third-party sources, where security measures can be sloppy,
is fairly fashionable among Android users. In fact, in the recent history,
Facebook tested with serving updates straight to Android devices without employing
the Play Store. Also, Android devices that haven’t been updated are at danger
from this liability. Once the malware is installed using the bug, a hacker
could take over the user’s device, steal personal data or use the gadget as
part of a bot net attack.
As The Verge states, this appears to be of particularly larger
worry for Android users whose handsets have stopped acceptance of authorized
updates. Jeff Forristal of Bluebox Labs has said that Google was well-versed
anout the bug in February of this year but closing the security hole would be
up to the manufacturers of individual Android handsets, “99%” of which might be
affected. Forristal has exposed that the Samsung Galaxy S4 has by now been
patched but the Nexus devices have yet to obtain the concerned security update.
If you have an Android handset make sure you the most recent
arrangements and Play Store updates installed and also make sure that you only
install apps from reliable sources.
No comments:
Post a Comment