July 5, 2013
vulnerability for 900 million Android smartphones have been discovered by researchers at security firm Bluebox.
researchers startup Bluebox, a company specializing in mobile security, located in San Francisco, have discovered a flaw in the operating system Android. The problem is related to how Android applications are verified. A breach in the procedure allows an attacker to modify the APK files (Android Application Package) without breaking the cryptographic signature. Attackers can then add this code APK and then exploit this flaw to retrieve data or insert a botnet (web robot). The all Android smartphones sold in four years may be infected, or those with 1.6 and later.
code that modified the digital signature, the fault is present, even if an update the one place. Malicious code allows hackers to access all the data that is on the device as applications, passwords, accounts, and data networks. Google has been informed of the existence of this vulnerability in February and passed the information to its partners so that they decide the steps to follow for their future updates. Patches should be delivered by different vendors to address these attacks. A patch exists, the Samsung Galaxy S4 would be provided.
No comments:
Post a Comment