One would hope.A security research firm discovered a flaw in Android phone operating system that would allow hackers to modify a regular application into a malicious one completely undetected by smart phone users, the app seller, or the service provider.
According to Bluebox Security, the scope of the problem is enormous: It affects 99 percent of Android users.
This security flaw allows hackers to modify a smart phone application's package file, or APK code, without breaking the app’s cryptographic signature.
[...]
“The implications are huge,” according to Bluebox Security’s report. This vulnerability to Trojan apps has been around since the release of the Android 1.6, and “could affect any Android phone released in the last 4 years – nearly 900 million devices.” Depending on the type of app, a hacker can exploit the smart phone's data. This means that personal information such as e-mail, text messages, passwords, and the phone’s location would all be accessible to the hacker, and could be used for anything from data theft to the creation of a mobile botnet. (Botnets are a network of computers infected with malicious software that causes them to perform automated tasks over the Internet, undetected by the user).
[...]
Apple cut deals with service providers to make the newest version of its operating system available to customers as soon as it is released. In contrast, Android lets carriers decide when to offer updates to the operating system. And an older operating system means that there is a greater chance of vulnerabilities to malware.
[...]
Google will likely encourage its service providers to quickly release a new Android operating system, says Bluebox founder Adam Ely.
There have not been any known cases of hackers using this kind of Trojan application to hack into Android phones.
No comments:
Post a Comment