AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() Android supports the ability to install apps from the Google Play store as well as from the local file system. In order to understand how this works, let’s first take a look at how Android installs apps. We have been cooperating with Google and major manufacturers such as Samsung and Amazon to patch affected Android devices. We are calling the technique that exploits this vulnerability Android Installer Hijacking. ![]() It can substitute one application with another, for instance if a user tries to install a legitimate version of “Angry Birds” and ends up with a Flashlight app that’s running malware. This hijacking technique can be used to bypass the user view and distribute malware with arbitrary permissions. In January 2014, we uncovered a Time-of-Check to Time-of-Use ( TOCTTOU) vulnerability in Android OS that permits an attacker to hijack the ordinary Android APK installation process. Palo Alto Networks worked with Google and major manufacturers such as Samsung and Amazon to inform them of the vulnerability and issue patches for their devices.The malicious application can gain full access to a compromised device, including usernames, passwords, and sensitive data.This only affects applications downloaded from third-party app stores. Android Installer Hijacking allows an attacker to modify or replace a seemingly benign Android app with malware, without user knowledge.We discovered a widespread vulnerability in Google’s Android OS we are calling “Android Installer Hijacking,” estimated to impact 49.5 percent of all current Android users.
0 Comments
Read More
Leave a Reply. |