Huge security vulnerability may affect nearly every Android device on the planet


Security researchers claim to have recently discovered a vulnerability in Androidthat could potentially affect 99% of devices. Bluebox Security revealed that the exploit, which has reportedly existed for the past four years since Android 1.6, allows a hacker to modify an application’s code without breaking its cryptographic signature. I could then theoretically turn any legitimate application into a malicious one.

The firm notes that these malicious applications would be “unnoticed by the app store, the phone, or the end user,” adding that a hacker could exploit the vulnerability to do just about anything to a device. The difficult part, however, is finding a way to trick users into installing the malicious app update.

Bluebox CTO Jeff Forristal confirmed to CIO that Samsung has already issued a fix for the Galaxy S4, which is the only smartphone now immune to the vulnerability. Google was notified about the exploit in February and is said to be working on a fix for its Nexus devices.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s