information security researchers Bluebox recently, they found a serious loophole exists in the android . The loopholes allow malicious Trojan disguised as system certification of software, and allowed the virus to hide in the installed applications, without user awareness. According to the Bluebox laboratory security research team, the vulnerability from Android 1.6 version of the already existing, affect a wide range, about 99% android devices are all faced with the vulnerability of the threat.
in general, applications are certified through an encrypted signature. Therefore, if the authentication keys do not tally with the developers to set aside, the system will automatically reject any containing a update behavior changes. But the Bluebox claimed to have found the change method, you don’t have to forcibly destruction of a digital signature for APK installation package. This method also suggests that if wrong intentions hacker managed to install the modified package sent to the user, the user is likely in unwittingly installed software containing malicious code.
and how spread these are malicious hackers will change the installation package?
Google strong consolidation in the app store, via Play Store to spread malicious software is almost impossible. However, on other channels or platform, the user still is likely to be induced to install some applications, or accidentally fell into some “ false “ trap. Such as third party applications mall, phishing emails, or a bad site, may is the source of malicious applications.
it is not clear whether these malicious software to avoid the android “ install from unknown sources “ security Settings. After all, since the Facebook around Play Store automatic updates, since many users are set to license application installation of unknown sources. at the same time, once the malicious firmware update permission to confirm, then the hacker/ the attacker will get full system permissions, can freely get the user information, and even build a botnet.
this serious holes for those who use the original android and cease to get updates, users would have a loud slap.
this week, HTC announced it would stop the One S updated, even though the device listed in less than a year. Bluebox team said Google this year 2 month already aware of the vulnerability, but whether to patch perfect depends on various equipment manufacturers. Bluebox the chief technology officer of Jeff Forristal to IDG said that samsung newly listed the Galaxy S4 the corresponding patch has been installed, but Google home the Nexus instead of patch maintenance in the process.
Bluebox said will be held in Las Vegas at the end of the black hat security conference to disclose further details.