A loophole which makes Android vulnerable to hackers

A ‘master key’ has been reportedly discovered by a security research firm which could potentially give cyberattackers access to almost every Android phone.

According to BBC, security research firm BlueBox has discovered the loophole which is present in every version of the Android operating system released since 2009.

The bug emerges as a result of the way Android handles cryptographic verification of the programs installed on the phone

The report said that Android uses the cryptographic signature as a way to check that an app or program is legitimate and to ensure it has not been tampered with.

Jeff ForristalBlueBox and his colleagues have found a method of tricking the way Android checks these signatures so that malicious changes to the apps go unnoticed.

Forristal said that the implications of this discovery could be ‘huge’ as it can take over the normal functioning of the phone and control any function thereof.

Security expert Dan Wallach said that in order to catch Android users, malicious hackers would have to get their booby-trapped version of a legitimate application on to the Google Play store.

According to the report, BlueBox had reported finding the bug to Google in February.

Google denied commenting on BlueBox discovery, the report added.

Via: TOI

Image Credit: AndroidTwit

 

Team TechPanda

Recent Posts

Why everything is a subscription now & what it means for your wallet

In the last decade, purchasing and accessing products and services have undergone a radical transformation.…

7 hours ago

Mumbai students win big at robotics championship in Chicago, headed to world finals

In an exceptional achievement, Mumbai-based high school robotics team Sigma 9692 has won the prestigious…

10 hours ago

Indian gaming shifts from audience to creator “given India’s mobile-first gaming capabilities”

The Indian gaming industry is sitting on an industry explosion in the near future as…

1 day ago

Transforming modern business operations: How Microsoft 365’s AI Integration is automating HR workflows & enhancing employee experiences

In today's fast-paced business world, when employee fulfillment and efficiency are crucial, technology has become…

1 day ago

Outbound & inbound: India attracts businesses from UK, China & US while expanding to Middle East

The Tech Panda takes a look at how India has been attracting foreign businesses from…

2 days ago

UPI value & volume surpass records in March

India’s digital payments ecosystem achieved a record high in March, with UPI transactions reaching INR24.77…

2 days ago