Researchers find another Android attack that can get past signature checks

Lucian Constantin | July 12, 2013
The vulnerability allows attackers to modify legitimate Android apps without breaking their digital signatures.

Technical details about the issue are currently being withheld in order to allow device manufacturers enough time to release new firmware versions containing the patch.

Information shared by Google with Bluebox Security suggests that Google Play can detect apps that attempt to exploit the new vulnerability, Forristal said. However, Bluebox has not performed any tests in order to confirm this, he said.

Google declined to comment on the matter.

Vulnerabilities that allow legitimate APKs to be modified without failing Android's digital signature checks could benefit cybercriminals. Passing off malicious apps as popular games and other well-known applications has long been a technique used by Android malware authors to distribute their creations.

Some of the devices affected by this vulnerability will most likely never receive a patch because they've reached end of support. However, if Google Play already detects such exploits, users who don't install apps from alternative sources such as third-party app stores should be protected.

 
