Working Exploit Discovered for Android Apps
Hackers are taking legitimate Android apps and turning them into trojans.
Researchers have uncovered and released the details of an exploit code that lets hackers convert legitimate Android apps into malicious trojans. The exploit centers around the way legitimate Android apps are cryptographically signed to ensure they are unaltered. Senior mobile security engineer at viaForensics, Pau Oliva Fora, released a 32-line proof-of-concept code which opens up existing Android apps to being manipulated by anyone with a moderate level of skill while still maintaining the cryptographic signature.
Luckily, the Google Play marketplace is constantly scanning available apps for signs that they might have been compromised. A number of apps can also be downloaded to scan the apps already on the phone for signs of this exploit. Oliva Fora warns Android users to always be wary of downloading apps from a third-party marketplace.
Original article by Dan Goodin.
Read the full story here.
Leave a comment
Voice assistants can be helpful, but their “always on” functionality can leave you vu Read more
Previously thought to be designed to deliver a DDoS attack, VPNFilter can alter data Read more
Getting a message to the user is one thing, having them see it is another… An article Read more
US Cyber Command joins with the FS-ISAC to share threat intelligence… An article revi Read more