Symantec Reports First Android Master Key Hacks Have Begun


Top 10 Contributor
Posts 26,379
Points 1,192,225
Joined: Sep 2007
ForumsAdministrator
News Posted: Thu, Jul 25 2013 9:55 AM
Sometimes it stinks being right. To wit, Symantec earlier this month talked about the discovery of a so-called "Master Key" vulnerability in Android that would allow remote attackers to inject malicious code into legitimate apps without invalidating the signature. Symantec called it a "serious Android vulnerability," fearing that it would quickly be spotted in the wild. Less than a month later, Symantec was proven right.

"Norton Mobile Insight—our system for harvesting and automatically analyzing Android applications from hundreds of marketplaces—has discovered the first examples of the exploit being used in the wild," Symantec stated in a blog post. "Symantec detects these applications as Android.Skullkey. We found two applications infected by a malicious actor. They are legitimate applications distributed on Android marketplaces in China to help find and make doctor appointments."

Chinese Android Apps

In both cases, an attacker added code that allows him/her to remotely control devices, steal sensitive data, send premium SMS messages, and even disable a few Chinese mobile security software apps by using root commands (if available), Symantec says.

Due to the low level of difficulty, Symantec expects attackers to continue leveraging the vulnerability. As always, it's recommended you only download apps from trusted sources (Symantec said it's found four additional instances of this attack on third-party app sites), and of course Symantec would love it if you ran their security software on your mobile device (can we say vested interest?).
Top 500 Contributor
Posts 119
Points 1,295
Joined: Jul 2013
Location: Utah

This is often why I prefer using mobile websites with the mobile browser. It's hard to tell what exactly apps are doing on your phone.

But I suppose even then, you have to be careful of malicious websites.

Maybe I'll just stay inside today...

Top 150 Contributor
Posts 626
Points 5,600
Joined: Sep 2012
Location: Canada
ForumsAdministrator
Moderator
RWilliams replied on Thu, Jul 25 2013 1:56 PM

I am blown away by the number of third-party app stores... WHY do people use these things? Maybe I'm just not adventurous enough, but the Play Store has always suited me just fine.

Not Ranked
Posts 41
Points 355
Joined: Sep 2012

So they share the information with the world, and then they get surprised when people use that information? Smart, Symantec.

Top 150 Contributor
Posts 541
Points 4,510
Joined: Apr 2012
Location: Schertz, Texas
ajm531 replied on Fri, Jul 26 2013 11:48 PM

I absolutely agree, but with one exception. The only time I've ever used was for one dev who got his apps removed from the Play Store, which of course was an emulator. I trusted his apps and he put a lot of work into them. Other than that, it's just plain silly to do it otherwise.

Top 150 Contributor
Posts 541
Points 4,510
Joined: Apr 2012
Location: Schertz, Texas
ajm531 replied on Fri, Jul 26 2013 11:57 PM

Let me start off by saying this one word..."China"

So there are tons of knocks and fakes of different products that are made over there all the time. My point of this is that this malware is being found in "legitimate applications being distributed on Android marketplaces (indicating multiple, when you should clearly be getting it from the Play Store) in China." I'll repeat again: in "China". So yeah, if I'm not mistaken, I don't know if they have access to the Play Store or not, but this is, as mentioned in the article, being reported on by a company that makes money off this kind of propaganda, if you will.
