Cybersecurity firm Trustwave claims to have identified a flaw in Google Play’s security filter that allows a verified app to be updated with malicious code, according to CNET. The problem lies with Google Bouncer, the automated system that inspects newly submitted apps for incriminating code or functionality. Trustwave submitted a contact blocking app called SMS Blocker to Google for verification and, because it was legitimate and fully functional at the time, Bouncer let it through. However, using its special cloaking technique, Trustwave was able to update SMS Blocker 11 times with code that enabled it to peek at user photos, contacts, phone records, and even launch malicious websites.
Possible hole in Google Play’s app security filter to be demonstrated tomorrow
Cybersecurity firm Trustwave claims to have slipped malware past Google Play’s security filter using an exploit that updates a verified Android app with malicious code.
Cybersecurity firm Trustwave claims to have slipped malware past Google Play’s security filter using an exploit that updates a verified Android app with malicious code.
While Android malware has appeared in the past, most have required some kind of user interaction. Trustwave’s technique needed only to be installed with its legitimate base and then updated with the cloaked malicious payload, resulting in almost full control of the device. Trustwave’s researchers are presenting their technique tomorrow at the Black Hat security conference, and we’re sure that Google will be listening very intently.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Most Popular
Most Popular
- Midjourney goes from generating cat images to full-body ultrasound scans
- This robotic self-driving toilet comes to you
- Barret Zoph is out at OpenAI again after just five months
- Apple’s weird anti-nausea dots cured my car sickness
- Amazon employees say they’re facing termination for backing data center limits
