Finally, Android platform is no longer immune from hacking. Bluebox Security has
found a vulnerability in Android platform which could allow hackers to turn
virtually any Android app into a malicious “zombie”. This would allow hackers to silently and remotely control a device's function, without raising
the attention of the phone owner, Google or the app developer. This vulnerability dates back to Android 1.6 and could affect any of the 900 million Android devices in the market.
BlueBox Security's CTO Jeff Forristal revealed the company found a method by which a
hacker could modify an app’s APK code without breaking the cryptographic
signature used to authenticate it. Since verified apps are granted complete access to the Android system
and all applications on a phone, the security weakness is potentially
huge.
Forristal also mentioned that Apps listed on the Google Play store are immune from this tampering. This is yet another reason to stick to official apps stores for
downloads.
A report from Juniper
released last month claimed that mobile malware is an increasingly
profit-driven business. The research firm
estimates that the number of malicious mobile malware jumped 614%
between March 2012 and March 2013 to account for more than 250,000 apps.
No comments:
Post a Comment