News

Latest Android malware sneakily installs rogue apps, but Play Store users need not worry

17

androidmalwareBAD

Quick heads-up on a vulnerability you might learn about soon. The folks at Palo Alto stumbled across a major security vulnerability within Android that could allow malicious apps to hijack an app install. Before you freak out and hook your phone up to a chemo machine to rid it of any impurities, stop — there’s almost nothing to be worried about here:

  • Google has already patched it ahead of this report being released
  • The initial bug was reported to Google as early as January 2014. We suspect Google kept it under wraps this long to make sure no-gooders wouldn’t try to target exposed devices
  • The vulnerability only affects sideloaded apps or apps downloaded from third-party app stores
  • It only affected Android versions prior to 4.4
  • For devices not on 4.4 or higher, Palo Alto worked with top manufacturers like Samsung to patch this fix in with their most recent software updates. Amazon also updated their Appstore to patch the vulnerability

So what does it do? According to them, since a side-loaded APK is installed from an unprotected source such as an SD card, an app could hijack the process of installing the app by Android’s package installer. It’d do this by replacing the legit APK with one that would most likely contain some sort of malware and other nasty stuff, and it would all happen without the user even knowing.

The dirty (but full) details can be found in the report published here, but the reality is that most folks with a phone made within the past couple of years are probably safe. Still, if you’re the oddball who still as a Nexus One on Android 2.3 and might be using a third-party app store over Google Play, you’ll be glad you know about it.

Palo Alto made a neat app that will check your phone to see if it is vulnerable. If it’s not, you’re good to go. If it is? Well, you should definitely try to download a ROM based on at least Android 4.4, or use this as a good excuse to finally get that new phone you’ve been eying. Be safe friends, and try not to download anything outside of Google Play unless you absolutely have to.

Quentyn Kennemer
The "Google Phone" sounded too awesome to pass up, so I bought a G1. The rest is history. And yes, I know my name isn't Wilson.

HTC sends invites for HTC One M9+ revelation April 8th in Beijing, new images leak

Previous article

Facebook’s F8 Developer Conference is happening today at 1PM Eastern, here’s where you can watch live

Next article

You may also like

17 Comments

  1. Nexus 5 android 5.1 isn’t vulnerable yay!!!!!!!!!!!!

  2. U HERE THAT CYANOGEN? “Play users need not worry”!!! Google suite of apps is very welcomed around these parts!

    1. Oh, shut up. Here’s why Play wasn’t affected:

      “Google Play downloads Android packages (APKs) to a protected space of the file system. Third party app stores and mobile advertisement libraries usually download APK files to unprotected local storage (e.g. /sdcard/) and install the APK files directly. Both methods use a system application called PackageInstaller to complete the installation.”

      The only reason Play wasn’t affected is because Google gives it special permissions to access protected storage that it doesn’t give other app stores.

    2. I welcome competitors, because it only makes improvements for both parties.

  3. Vulnerable. Now what?

    1. Don’t sideload apps.

      1. Then don’t get an Android phone.

        Sideloading is one of the biggest reasons why people get Android phones.

        1. No

        2. bullshit

  4. What about the Humble Bundle app? Did that get patched too?

  5. Woo my N5 is protected

  6. Considering that most phones are not running the latest OS, cannot access all of the apps (geo-locked), cannot access Google play and/or have need to sideload apks (downgrading from broken, poorly coded app “updates”, etc), then I’d say that this is still a big problem.

  7. So, is this a vulnerability of the OS or a malware???

    1. just more click bait BS.

      nothing to see here.

  8. Well time to update to Lollipop, All my Androids are vulnerable.

  9. Part of it is t a vul stability per say ,it is a regional problem.some of the stuff is a horiyed but only in specific country (some browser in China )the issue ?is some app maker offer those version to outside of China..and most of the time those Chinese app are very invasive .ya basicly its a region issue.some app from say China for China most of the time should not be avail to say usabut I suspect some get by in this fashion.its more of a loop hole

Leave a reply

Your email address will not be published. Required fields are marked *

More in News