Security flaws in Android

A vulnerability in the Android operating system allows malicious hackers to mimic the identification of trusted applications on the mobile device of the user.

The same security expert who discovered last year the “Master Key” vulnerability in the Android operating system from Google has found a new vulnerability that allows malicious hackers to mimic the identification of trusted applications of mobile user on Android.

The company Bluebox Security confirmed the Android vulnerability that allows an attacker to identify and copy the digital identity of certain applications when inserting a Trojan horse to gain access to financial data or taking complete control of device. For example, when an application enters Adobe ID, Android does not check with Adobe that the identification is authentic. The facts are identical with the payment information on Google Wallet.

According to Bluebox Security, the fault goes back to January 2010, when Google released Android 2.1 and it affects all unpatched bug in Google for 13,678,484 units. All previous devices to Android 4.4 are vulnerable. This lack of software is a way to create fake IDs.

It is found that software errors corrections are problematic not only for vulnerabilities themselves but also because they require the collaboration of Google, application developers and manufacturers of addressing devices.

The problem is compounded by Android applications that support multiple signatories, allowing an intruder to open several false identification cards at once to access user data or take control without the user knows what is happening. See also https://bluebox.com/  http://thevarguy.com/

© 2015 Strategies Telecoms & Multimedia | Contact |  -