Android vulnerability that invites Hackers to turn genuine Apps into some malicious Trojans and viruses

Seems tricksway update slowly for some days....sorry for that...
now we are continuing.......
Thus we are sending you some Android weakness that invites Hackers to turn genuine Apps into some malicious Trojans and viruses 

 Some Researchers  have disclosed the security threat in Android that can be broken by cybercriminals to turn any genuine application into a malicious programs.This can be done by changing the APK code without breaking the targeted application's cryptographic signature.

Android weakness that invites Hackers to turn genuine Apps into some malicious Trojans and viruses by tricksway


 Bluebox Labs Experts,Bluebox Security research team have said that the vulnerability can affect almost 900 million Android devices or we can say that Android versions that are starting with 1.6 have an impact of this.
Hackers can modify the application in such a way that it can go completely unnoticed not only by the end user but also by the phone and even the app store.If we install a Trojan application that has full permissions, allows the attacker to read sensitive data from the phone and after that the complete control of the device is in the attacker's hand.

And finally the most disturbing one is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving i.e. hard-to-detect nature of these ‘zombie’ mobile devices to create a botnet,” Jeff Forristal, Bluebox CTO that are discussed.

Android weakness that invites Hackers to turn genuine Apps into some malicious Trojans and viruses by tricksway





So how does it work?

All Android applications contain cryptographic signatures that the operating system uses to determine if an application is genuine, and if it has been tampered with. However, the weakness influences the inconsistencies in how apps are cryptographically verified and installed that allows an hacker to modify the APK code without breaking the cryptographic signature.

The weakness is already reported to Google in February 2013. However, now it depends on the device manufacturers to develop and release firmware updates for their products.

Technical information of the weakness will be presented by experts at the future coming BlackHat USA 2013 security conference.

Himanshu is a young engineer living in India. Currently working at Cognizant as a Senior Engineer. He is an ethical hacker & blogger too, doing lots of crazy stuff... If you seem interesting, go through his portfolio: www.himstar.info : "Open Source. Millions of open minds can't be wrong!

2 comments: On Android vulnerability that invites Hackers to turn genuine Apps into some malicious Trojans and viruses

Leave a reply:

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Site Footer

Sliding Sidebar

We are India’s largest Startup Community


We are team of ' Delhi Startups ' , most active startup community with strict spam policy.
We are making !deas happen..for future, business and jobs without charging anything, with connecting entrepreneurs.. It's a reason to trust on us.
Come and join or subscribe, we will defiantly give a reason to like us.

Our Facebook Page