The leak resulted in the creation of malware apps that gain access to Android devices.
(Image Courtesy: Samsung)
A security leak has left Android devices from manufacturers such as Samsung, LG and others, vulnerable to malware apps that steal user data and can gain access to their devices.
The reason why the leak is dangerous is that it contains platform certificates, which are used to verify apps and sign off on Android builds for these apps.
In the wrong hands, these certificates can be potentially used to create apps that will be flagged as authentic by Android, even when they are not.
The Android signing certificates were leaked from multiple partner OEMs. Worse, the certificates are also used to determine whether the version of Android running on your phone is legitimate.Folks, this is bad. Very, very bad. Hackers and/or malicious insiders have leaked the platform certificates of several vendors. These are used to sign system apps on Android builds, including the "android" app itself. These certs are being used to sign malicious Android apps! https://t.co/lhqZxuxVR9
— Mishaal Rahman (@MishaalRahman) December 1, 2022
Unfortunately, the disclosure of the leak does not specify which OEM vendors were affected but as 9to5Google points out, it does show an example hash of malware files.
Using this, the publication managed to find out some of the organisations that have had certificates leaked. These include Samsung, LG and MediaTek among others.
For now, Google is urging OEM partners to swap out the leaked certificates, so they can no longer be used.
Google reported that the leak happened in May 2022, and stated that the users are protected against this vulnerability through Google Play Protect and "mitigation measures" implemented by OEM partners.
Security leak leaves Android phones from Samsung, LG and others vulnerable - Moneycontrol
Read More
No comments:
Post a Comment