Google, Samsung and Amazon already made available the relevant amendments eliminating the threat, but close to 49.5% of users with Android devices is still susceptible to attacks based on this hole, although Google announces that it has not detected the attack attempts to exploit the vulnerability.
After that, when you install on a mobile device, a malicious application – that uses the vulnerability known as “Android Installer Hijacking” – a hacker gets full access to the device and has the ability to read from it confidential information such as user names and passwords.
See also:
The company Palo Alto Networks has developed two exploits that take advantage of the hole. Malware installed on the mobile device can modify and to swap only the applications installed on the mobile device that have been downloaded from independent software vendors. Therefore, experts advise to always download applications only from those sources to which we trust.
Application collected from independent software vendor pushes his installation APK files in unprotected storage-enabled mobile device, such as, eg. SD card . Comes into play when PackageInstaller application system, which completes the installation. If your device is in a hole, APK file may be modified or replaced to another.
The attack might look like. The user downloads the application and obtains from the Android permission to install. And that’s when it can be modified or replaced to another, because the software does not work PackageInstaller as it should and has no control over the operation. So after you click “Install” you do not realize that just installed a completely different, a malicious application.
After the discovery of this threat in January 2014 nearly 90% of all Android devices contained described hole . Today it is better, but almost every other device further has not been patched and still contains this dangerous hole.
Palo Alto Networks announces that the hole is in the following versions of Android: 2.3, 4.0.3 and 4.0. 4, 4.1.xi 4.2.x. Android 4.4 is safe. Hole can also be present in some devices running on Android 4.3.
Google released a patch eliminating the hole here, and Palo Alto Ntworks offers a tool that checks whether the Android device is vulnerable to such attacks.
No comments:
Post a Comment