Monday, 29 June 2015

VU Researchers Reveal Vulnerability In Android


Researchers at the Free University in Amsterdam have revealed a vulnerability in Android which an attacker can install using the stolen credentials to a Google Account in several steps malicious apps on devices.

The problem is caused by one Google account used for different devices. An attacker who successfully infect the computer of an Android user knows and manages to steal the password of the Google Account can then install apps on all Android devices associated with that account, so the researchers had this weekend at the Volkskrant know. The devices showed the researchers used only during the installation process notifications in the notification bar, as downloading and installing the app.

"But once this was done, there was nothing more to see until the notification screen is explicitly opened. It is also true that the icon of the app does not always end up on the main screen, but sometimes only at the 'all apps' list, for example, if your main screen already filled, or - if the app is published correctly -. We did not make use of the latter, "said university researcher Victor van der Veen . Together with researcher and professor Radhesh Krishnan system and network Herbert Bos discovered and he researched the issue.

Play Store

Van der Veen says that can be installed through the attack vector only apps from the Play Store. According to the researcher then has two options attacker. Or placing a simple app on Google Play, which will be opened after installing a new rogue app.These users, however, would have to set themselves apps from external sources can be installed. Something that is disabled by default. The second option is to install an app on Google Play containing all malicious code. "Meanwhile we have several 'bad' applications received in the Play Store without being detected as malicious by Google," Van der Veen.

Through the malicious app, an attacker can then perform a variety of actions on the device, such as the interception of text messages or turn on the camera. The researchers warned Google late last year, but the Internet giant would want to do anything about the problem. Van der Veen advises users who want to protect themselves against possible attacks to watch.So should be immediately removed unsolicited downloaded apps and the option "Install from external sources" are disabled.Also users should change their passwords regularly. "Especially when there are suspicious or strange signals. And protect your PC, because the criminals come for the first time," the researcher noted.

No comments:

Post a Comment