All Android users potentially at risk from "Fake ID" vulnerability
Posted by: Jon Ben-Mayor on 07/30/2014 08:03 AM
[
Comments
]
The Bluebox Security research team uncovered a vulnerability which allows malicious applications to impersonate specially recognized trusted applications without any user notification.
According to Bluebox, this vulnerability allows these trusted applications to be copied and used for malicious purposes.
This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM.
Status of Vulnerability Fix:
Effectively addressing a vulnerability requires a three step process:
1) Google produces a generic code fix, which it provides to the Android phone manufacturers
2) Then phone manufacturers must then incorporate that fix into a firmware update suitable to specific phones, which they provide to carriers
3) The carrier then distributes the final update, which ensures your phone is safe from the vulnerability
As regards Fake ID, Google has provided the generic code fix to the phone manufacturers. Currently the manufacturers and carriers are working to get that fix out to you. The Bluebox Security Scanner will help you track when that finally happens. Alternatively, you can contact customer support for your phone manufacturer or carrier for the more current and up-to-date status for your specific Android phone.
You can download the Bluebox Security Scanner from Google Play to check if you've been exposed.
According to Bluebox, this vulnerability allows these trusted applications to be copied and used for malicious purposes. This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM.
Status of Vulnerability Fix:
Effectively addressing a vulnerability requires a three step process:
1) Google produces a generic code fix, which it provides to the Android phone manufacturers
2) Then phone manufacturers must then incorporate that fix into a firmware update suitable to specific phones, which they provide to carriers
3) The carrier then distributes the final update, which ensures your phone is safe from the vulnerability
As regards Fake ID, Google has provided the generic code fix to the phone manufacturers. Currently the manufacturers and carriers are working to get that fix out to you. The Bluebox Security Scanner will help you track when that finally happens. Alternatively, you can contact customer support for your phone manufacturer or carrier for the more current and up-to-date status for your specific Android phone.
You can download the Bluebox Security Scanner from Google Play to check if you've been exposed.
Comments
