Android flaw allows hackers to alter apps

The vulnerability affects 99 per cent of Android mobile devices and puts private and enterprise data at risk, according to security firm Bluebox

A weakness in the Android security model enables hackers to modify the application package file (APK) code on a device and turn legitimate applications into malicious Trojans, according to mobile security firm Bluebox.

“The implications are huge,” according to Jeff Forristal, CTO of the Calif.-based Bluebox. “This vulnerability, around at least since the release of Android 1.6 (codename: Donut) could affect any Android phone released in the last four years – or nearly 900 million devices…”

Depending on the type of application on the device, he wrote in a recent blog, a hacker can exploit the vulnerability for anything “from data theft to the creation of a mobile botnet.”

The Android APK is a file format used to distribute and install application software and middleware on the Android operating system.

Forristal said the flaw discovered by Bluebox allows the modification of APK code without having to break an app’s cryptographic signature.

He said the risk to individuals and enterprise organizations is great because malicious apps can access personal data or gain entry into an enterprise network.

“This risk is compounded when you consider that applications developed by device manufacturers (e.g. HTC, Samsung, Motorola, LG) or third parties that work in cooperation with the device manufacturers (e.g. Cisco with AnyConnect VPN) that are granted special elevated privileges within Android – specifically System UID access,” said Forristal.

For instance, an application that has been turned into a Trojan can gain access to the Android system and all applications on the device. The altered app can read arbitrary application data on the device, such as email, SMS messages and documents, and retrieve stored account and service passwords. The Trojan can also take over phone functions and make arbitrary phone calls, send arbitrary SMS messages, turn on the device camera or record calls.

A hacker can also take advantage of a device’s always-on, always-connected capability to turn the device into a “zombie” mobile device to create a botnet.

Forristal recommends that Android device owners exercise the following precautions:

  • Make sure apps being downloaded onto the device are legitimate
  • Enterprises with BYOD implementations should alert users about the flaw and urge them to update devices diligently

“IT administrators should look beyond device management and focus on deep device integrity checking and securing corporate data,” said Forristal.
