A loophole which makes Android vulnerable to hackers

A ‘master key’ has been reportedly discovered by a security research firm which could potentially give cyberattackers access to almost every Android phone.

According to BBC, security research firm BlueBox has discovered the loophole which is present in every version of the Android operating system released since 2009.

The bug emerges as a result of the way Android handles cryptographic verification of the programs installed on the phone

The report said that Android uses the cryptographic signature as a way to check that an app or program is legitimate and to ensure it has not been tampered with.

Jeff ForristalBlueBox and his colleagues have found a method of tricking the way Android checks these signatures so that malicious changes to the apps go unnoticed.

Forristal said that the implications of this discovery could be ‘huge’ as it can take over the normal functioning of the phone and control any function thereof.

Security expert Dan Wallach said that in order to catch Android users, malicious hackers would have to get their booby-trapped version of a legitimate application on to the Google Play store.

According to the report, BlueBox had reported finding the bug to Google in February.

Google denied commenting on BlueBox discovery, the report added.

Via: TOI

Image Credit: AndroidTwit

 

Team TechPanda

Recent Posts

The AI Editor has arrived: What Human-in-the-Loop publishing & ecommerce really looks like

Artificial Intelligence is no longer just a futuristic concept in publishing and e-commerce. It’s here,…

2 days ago

After the artist & the writer it’s the developer’s turn to rethink careers as AI starts coding

The artist and the writer have been living in fear of AI taking over their…

3 days ago

Geek Appeal: New gadgets & apps on the block

The Tech Panda takes a look at recently launched gadgets & apps in the market.…

4 days ago

With top engineers from India in hot demand globally, Ness Digital Engineering champions internal pathways to leadership  

India’s tech and IT sector continues to grow, expected to top $300 billion in fiscal…

4 days ago

NTT debuts ultra-fast IOWN network with cross-border Kabuki performance

Japanese tech giant NTT showcased the latest in Innovative Optical and Wireless Network (IOWN) technology…

6 days ago

Funding alert: Tech startups that raked in moolah this month

The Tech Panda takes a look at recent funding events in the tech ecosystem, seeking…

1 week ago