class=”text”> A man holds an Android phone. (Nxtiak)
Bluebox security company has warned of a new Android system vulnerability that allows convert Trojans legitimate applications , going completely unnoticed by the app store, phone or the user.
This vulnerability affects any Android device launched in the last four years . Depending on the type of application, a hacker can steal data from up to create a network of ‘bots’ phones.
class=”imp”> The problem is compounded when taking into account the applications developed by device manufacturers According to Bluebox Security says in its latest report, the risk for users and businesses is large, and is compounded when taking into account the applications developed by manufacturers devices like HTC, Samsung, Motorola or LG , or others who work in cooperation with the manufacturer of the device, as it Special elevated grant in Android, specifically UID system access.All Android applications contain cryptographic signatures, which uses Android to determine whether the application is legitimate and verify that the application has not been altered or modified. This vulnerability makes it possible to change the application code without affecting cryptographic signature application, which allows a malicious author Android deceive believing that the application does not change.
“Everything depends on the ability of device manufacturers to produce and launch updates ‘firmware’ for mobile devices and users to install. The availability of these updates vary widely depending on the manufacturer and model in question, “says the security company.
No comments:
Post a Comment