virus could affect 900 million cell phones.
A recent finding could make users of mobile phone operating system from Google, Android, easy targets for cybercriminals, and would allow a legitimate program, also known as application-is used to access all the information stored on the mobile phone.
“The vulnerability we have detected has huge implications. could affect all Android-powered phones that have flooded the market in the last four years. This amounts to nearly 900 million devices,” says Jeff Forristal, director BlueBox technology, the company that claims to have discovered the fault.
According to the company’s technical team, which is dedicated to detecting security flaws in the industry, the change that makes the Trojan (a malicious program or malicious code that is hidden inside a legitimate application or appear legitimate) not detected either by the user or by telephone, or by Google Play, the company’s service that allows users to download multiple apps available for Android.
“The installation of the trojan into the phone says Forristal-allows unrestricted access to the system and all its applications.”
“This means that the program can ‘read’ emails, text messages and any other document that the person has been saved. And not only that, it affects the normal functioning of the device, making arbitrary calls, activating the camera or recording messages “.
How it works
problem is how Android verifies the encrypted identification of programs.
All Android applications are “encrypted signatures” that the operating system uses to verify that the application is legitimate and has not been modified in any way.
Forristal and colleagues identified a method to trick Android, so it does not detect such changes.
“Essentially you can take control of the operation of the phone and its functions,” the BlueBox CTO, founded in mid-2012.
Forristal said that in February this year notified Google about security flaw discovered.
For now, however, the threat is theoretical as there is no evidence that this information has been used by cybercriminals.
“I imagine that Google would act swiftly in a case like this to detect possible attacks.”
Google had no comment regarding the discovery of BlueBox.
No comments:
Post a Comment