Android malware affecting pre-Jelly Bean devices in Indian cyberspace
A potentially damaging virus, which steals SMSes and personal details of
an Android-enabled gadget-user, has been detected in Indian cyberspace
and Internet security sleuths have asked mobile phone and tablet users
to exercise caution while operating.The malware is affecting all the versions of Android prior to version 4.2.2 (Jelly Bean).
"It has been observed that a critical vulnerability exists in Android which could allow attackers to inject malicious code into legitimate applications which makes it possible to change an application's code without affecting the cryptographic signature of the application, essentially allowing a malicious author to trick the Android device into believing that the crafted application is unchanged," the Computer Emergency Response Team-India (CeRT-In) said in its latest advisory to Android users in the country.
The malicious programme, the advisory said, is so damaging that it could be used for stealing personal information like email addresses, IMEI numbers, SMSes and installed applications.
"It could also send SMS or make calls from infected devices without user consent," the sleuths of the national cyber security centre said.
"An attacker could exploit this vulnerability by placing other files with same name into an application package along with the legitimate files. The Android package verification occurs against the first file during installation. Thus, the crafted .APK passes the verification process and installs the second file. However, at runtime, other malicious file gets executed," the advisory said.
The cyber police have also suggested some countermeasures.
"Check for the permissions required by an application before installing, exercise caution while visiting untrusted sites for clicking links, run a full system scan through a device with a mobile security solution or mobile anti-virus solution, do not download and install applications from untrusted sources and download applications only from trusted sources, reputed application markets and Google play store," the security agency said.
"It has been observed that a critical vulnerability exists in Android which could allow attackers to inject malicious code into legitimate applications which makes it possible to change an application's code without affecting the cryptographic signature of the application, essentially allowing a malicious author to trick the Android device into believing that the crafted application is unchanged," the Computer Emergency Response Team-India (CeRT-In) said in its latest advisory to Android users in the country.
The malicious programme, the advisory said, is so damaging that it could be used for stealing personal information like email addresses, IMEI numbers, SMSes and installed applications.
"It could also send SMS or make calls from infected devices without user consent," the sleuths of the national cyber security centre said.
"An attacker could exploit this vulnerability by placing other files with same name into an application package along with the legitimate files. The Android package verification occurs against the first file during installation. Thus, the crafted .APK passes the verification process and installs the second file. However, at runtime, other malicious file gets executed," the advisory said.
The cyber police have also suggested some countermeasures.
"Check for the permissions required by an application before installing, exercise caution while visiting untrusted sites for clicking links, run a full system scan through a device with a mobile security solution or mobile anti-virus solution, do not download and install applications from untrusted sources and download applications only from trusted sources, reputed application markets and Google play store," the security agency said.
Hi guys If u like this post please leave a comment in comment box... comment box will top right of every post and bottom of every post. its useful for me give a better information.. if u want to give any suggestion in bottom of blog there is contact information option please leave a msgs with u r mail id sure i will get u.
.
0 comments:
Post a Comment