A loophole which makes Android vulnerable to hackers

A ‘master key’ has been reportedly discovered by a security research firm which could potentially give cyberattackers access to almost every Android phone.

According to BBC, security research firm BlueBox has discovered the loophole which is present in every version of the Android operating system released since 2009.

The bug emerges as a result of the way Android handles cryptographic verification of the programs installed on the phone

The report said that Android uses the cryptographic signature as a way to check that an app or program is legitimate and to ensure it has not been tampered with.

Jeff ForristalBlueBox and his colleagues have found a method of tricking the way Android checks these signatures so that malicious changes to the apps go unnoticed.

Forristal said that the implications of this discovery could be ‘huge’ as it can take over the normal functioning of the phone and control any function thereof.

Security expert Dan Wallach said that in order to catch Android users, malicious hackers would have to get their booby-trapped version of a legitimate application on to the Google Play store.

According to the report, BlueBox had reported finding the bug to Google in February.

Google denied commenting on BlueBox discovery, the report added.

Via: TOI

Image Credit: AndroidTwit

 

Team TechPanda

Recent Posts

Outbound & inbound: Indian tie ups with Singapore, Indonesia, & Australia while Philippines meets Indian business group

The Tech Panda takes a look at how Indian companies are partnering with foreign businesses…

2 days ago

Investment temperament: NFO for 5 index funds, health funds for Early to Late-Stage Capital & to transform India’s healthcare landscape

The Tech Panda takes a look at the investment temperament in the Indian startup ecosystem.…

3 days ago

Tweets, tips & trading: X doubles down on payments power play

Big Tech is no longer content with just running user feeds, they want wallets too.…

3 days ago

PayPal World: Swipe right on global shopping

Indian shoppers could be shopping internationally using their UPI accounts sitting at home, thanks to…

6 days ago

Cheaper OTPs, smarter chats: WhatsApp takes aim at SMS dominance

The SMS as a tool to connect with customers might be coming to an end.…

6 days ago

Will our fintechs become our mobile service providers?

Looks like finance and connectivity will come together soon in our devices. Recently, UK fintech…

6 days ago