Quick News Bit

Leaked Android certificates left millions of smartphones vulnerable to malware

0
Malware

Looks like millions of Android smartphones were literally inches away from mass malware attacks. Devices from LG, Samsung and MediaTek chipsets were subjected to a major Android vulnerability. Once exploited, it would have given cyberattackers complete authority over your device. In fact, the privileges that this vulnerability introduces to the injected malware may be more than what you as a user have on your own device.

Android steers closer to a massive malware attack

According to the reports shared by Lukasz Siewierski, a Google employee and a malware reverse engineer, critical certificates of some of the Android smartphone manufacturers were leaked giving exploiters the exact vulnerability to puncture into these devices. It includes MediaTek, LG, and Samsung which means the vulnerability would have given cyber attackers access to hundreds of millions of devices.

For the unversed, everything smartphone manufacturer (or OEM) has a platform certificate that contains a private key. Android OS authenticates this private key whenever there’s an app update from the OEM. Once confirmed, it is passed through. These certificates have the android.uid.system as their user id which is the highest level of privilege on a device.

Apparently, some of these certificates were leaked. It means if an attacker got his hands on it, he can literally use it to trick Android OS into believing that malware being injected in an app is actually an update thanks to its disguise. Since the Android OS validates the key, it has no reason to suspect and gives it a green signal. That’s where the malware gets privileged access to that particular app and device itself.

Millions of LG, Samsung smartphones face vulnerability due to leaked Android certificates

In fact, according to some experts, the privileges this malware could gain are likely higher than what users have on their devices.

Fortunately, not everything is lost…

The good news is, Google has acknowledged the issue and has warned the OEMs to push updates to mitigate it. It has asked OEMs to rotate the certificates and change the keys that would make the previous certificates obsolete.

Apart from that, Google has implemented detection for malware on its Build Test Suite that checks system images on devices. Google Play Protect prevents such types of malware to pass through when the user has downloaded or updated the apps. It is highly recommended to steer away from sideloading as that opens a system to countless vulnerabilities.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment