New dangerous vulnerability discovered in Android

GuardSquare researchers discovered a dangerous vulnerability of Android OS, which allows criminals to spread malicious apps disguised as legitimate ones. The vulnerability dubbed Janus affects apps that use the first version of the digital signature format Android APK. Operating systems Android 5.0 and later use a method to check APK and DEX files when only a certain sequence of bytes is checked, not the whole digital signature. Knowing this, cybercriminals can replace legitimate apps with high level of privileges with malware and pass the check without violating the digital signature.

The vulnerability has been fixed and released in Google’s December update package; however, it might take a long time until numerous Android manufacturers will release their own updates and bring them to users. It should be noted that the problem of Janus doesn’t affect Android 7 operating system, because it uses a second version of Android APK. Apps downloaded from Play Store are also safe. However, the vulnerability poses a serious threat to those who use third-party resources, old versions of apps as well as new apps on devices running old Android OS, point out researchers.


source:  Technical Center of Internet

Back to the list