Visitors: 1382 | Views: 1479 (today 117) | Font: |
Researchers working in the field of mobile security company Bluebox announced the discovery of vulnerabilities in the mobile operating system Android, which gave the attackers the potential to completely take the machine on it under control. This possibility existed due to the method by which the digital signature applications to make sure they are designed or modified only by trusted sources.
appeared in Android, this vulnerability is not yesterday: traces of it can be traced, at least up to version 1.6, which was released four years ago. Thanks to the hackers can modify the application code to include in their composition backdoors, keyloggers and other malicious functionality without having to change the signature.
After that malicious applications are in the system all the rights licensed “healthy” programs. Of particular risk is when the application is pre-installed by the manufacturer of the machine or partner companies, as their privileges in the system is usually the highest. They can gain access to user data, e-mails, SMS messages, documents, photographs, to all passwords. By taking control of the program, you can make calls and send SMS, turn on the camera, to record conversations. With such extensive capabilities, attackers could create a whole network (botnet) of always being turned on, always online, and are constantly moving, making it difficult tracking devices.
However, it may well be that the vulnerability has already been closed, as Bluebox reported it to Google in February.
Rate this article: |
No comments:
Post a Comment