If Google was just starting to forget about the Android malware threats from earlier this year, now it has another security headache: Researchers at North Carolina State University just discovered a new vulnerability in some of the most popular Android phones being sold today.
The security flaw, described in detail in this white paper, is specific to a certain implementation of the Android operating system, the researchers say, so it doesn’t necessarily affect all Android phones. Most Android handset makers integrate their own software (sometimes called “bloatware”) on top of the basic Android OS (for example, HTC’s Sense interface) to serve up various services and differentiate themselves.
What sort of problems could arise? That depends on what sort of malware those hackers use. Theoretically, the vulnerability could be used to install software that records phone calls, send text messages, or even wipe the phone’s settings, according to Science Daily. It’s not clear if hackers could use the backdoor to actually “root” the phone, but if it’s possible, all bets are off.
But that software is exactly what’s opening up certain phones to malware threats, the research says. Dr. Xuxian Jiang led a team that looked at multiple Android devices, and found that some of the pre-loaded applications that various manufacturers put in, like text-message notifiers, created a “backdoor” to the phone that third parties could exploit.
No comments:
Post a Comment