A new bug in the Android system has been exploited by hackers, allowing them to infect legitimate apps to spy on users.
Two legitimate Android apps originating from China have been discovered to have an infection that uses the Android "master key" security holes.BlueBox, a security organization, originally discovered the vulnerability earlier this month. Symantec then recently released a report about the attacks. "We expect the attackers to continue to leverage this vulnerability to infect unsuspecting user devices," stated the report. The infections are based in code which allows the hackers to spy on and control the phone remotely. The apps which were infected are reportedly used to schedule medical appointments.
"Symantec recommends users only download applications from reputable Android application marketplaces," stated the company in an effort to minimize the number of attacks through educating users on safe phone use. Users also still have full ability to remove the infected apps and software. Unfortunately, the nature of the Android market makes it difficult to fix the security issue quickly or efficiently. Because Android systems are distributed by many different companies in many different places, a single update is therefore difficult to get to all Android users at once. But Android isn't the only platform which has experienced security breaches lately.Apple just had a major security breach within its developer portal, potentially compromising over 200,000 developers. As hackers get increasingly good at finding security holes across all kinds of platforms, it becomes more and more important for both users and providers to focus on digital security regardless of operating system or device.
Retweet this story
Two legitimate Android apps originating from China have been discovered to have an infection that uses the Android "master key" security holes.BlueBox, a security organization, originally discovered the vulnerability earlier this month. Symantec then recently released a report about the attacks. "We expect the attackers to continue to leverage this vulnerability to infect unsuspecting user devices," stated the report. The infections are based in code which allows the hackers to spy on and control the phone remotely. The apps which were infected are reportedly used to schedule medical appointments.
"Symantec recommends users only download applications from reputable Android application marketplaces," stated the company in an effort to minimize the number of attacks through educating users on safe phone use. Users also still have full ability to remove the infected apps and software. Unfortunately, the nature of the Android market makes it difficult to fix the security issue quickly or efficiently. Because Android systems are distributed by many different companies in many different places, a single update is therefore difficult to get to all Android users at once. But Android isn't the only platform which has experienced security breaches lately.Apple just had a major security breach within its developer portal, potentially compromising over 200,000 developers. As hackers get increasingly good at finding security holes across all kinds of platforms, it becomes more and more important for both users and providers to focus on digital security regardless of operating system or device.
No comments:
Post a Comment