Researchers at security firm Bluebox Labs have found a bug in Android allows malicious software disguised as an app has been authenticated. Bluebox Labs says that this vulnerability has emerged from the Android 1.6 "Donut", that is, four years ago, and affects the "99%" devices running Android. Typically, the application will be authenticated by a digital signature is encrypted, so the update is not due to the release of programmers (ie other than the app lock code base) installation will be rejected. But the Bluebox, they have discovered a way to change, modify apk files without having to unlock the above signature. This is something that hackers can exploit to install malicious code on the device, as long as the hackers figure out how to install that package distribution to consumers.
Read more »
No comments:
Post a Comment