Huge security vulnerability may affect nearly every Android device on the planet

BGR.com
Android Security Vulnerability

Android Security Vulnerability

Security researchers claim to have recently discovered a vulnerability in Android that could potentially affect 99% of devices. Bluebox Security revealed that the exploit, which has reportedly existed for the past four years since Android 1.6, allows a hacker to modify an application’s code without breaking its cryptographic signature. I could then theoretically turn any legitimate application into a malicious one.

[More from BGR: Vermont ISP delivers Google Fiber speeds for half the price]

The firm notes that these malicious applications would be “unnoticed by the app store, the phone, or the end user,” adding that a hacker could exploit the vulnerability to do just about anything to a device. The difficult part, however, is finding a way to trick users into installing the malicious app update.

[More from BGR: Nokia’s unannounced 41-megapixel Lumia 1020 pictured ahead of AT&T debut]

Bluebox CTO Jeff Forristal confirmed to CIO that Samsung has already issued a fix for the Galaxy S4, which is the only smartphone now immune to the vulnerability. Google was notified about the exploit in February and is said to be working on a fix for its Nexus devices.


This article was originally published on BGR.com

View Comments (11)