All Apple news

More than one billion Android devices in jeopardy due to critical vulnerability

Posted on Author Comment(0)

Researchers at Georgia Institute of Technology and the University of California, Santa Barbara have discovered a new class of attacks on Android smartphones, which is called Cloak and Dagger. It allows fraudsters to carry out actions on a mobile device, the secret from the user: for example, to record button presses and to install applications.

Experts have discovered a serious vulnerability affecting all versions of Android OS (including the latest version of Android 7.1.2 Nougat). It also affects more than a billion devices around the world. With the help of Cloak and Dagger vulnerability attackers can steal data stored in the device information, creating a malicious application that requires only two permissions. The application need only to access BIND ACCESSIBILITY SERVICE (“a11y”) and SYSTEM ALERT WINDOW (drawing on top of other Windows), and it can record keystrokes on keyboard and steal passwords and other confidential data.

To force the user to provide the malware the requested access is not always easy, but in the Arsenal of cyber criminals a lot of ingenious techniques. Once the victim gave the above application permissions, attackers can quietly for her to download malware, steal information and get control over the device.

According to the researchers, the vulnerability enables all sorts of serious attacks, ranging from theft of passwords and PIN-codes and ending with the invisible installation of applications running in “God mode” and the victim won’t even know it.

Google has taken steps to improve the security of their mobile OS immediately after receipt of the vulnerability report. “We’ve updated Google Play Protect (our security service for all Android devices from Google Play) to detect and prevent the installation of such applications,” the company said.

Read also:   Photo: the Japanese offered to shave with the iPhone

It is expected that the patch for the vulnerability Cloak and Dagger will be released with the next scheduled updates for Android. However, given the fact that between the release of the update and its getting end-users goes a long time, the vulnerability poses a serious security threat.

Related Posts

Wylsadrive: Lexus RX350
iOS

Wylsadrive: Lexus RX350

Posted on Author Erika J. Wells

After testing the Lexus RX300, I was left with a very pleasant impression, but refrained from buying. Although there was a visit to the dealer, and ordering a car for yourself, and prepayment, but no, the choice fell on another car. Nevertheless, in general, I liked the car, I continue to follow the development of […]
All Apple news

7 reasons why the MacBook Air better than any Windows laptop in its segment

Posted on Author Erika J. Wells

In June, Apple introduced an improved line of laptops, including a revamped MacBook Air. The latter has received a minimal update in the form of a new processor – Intel Core i5 1.8 GHz. According to rumors, this update will be the last in the history of the MacBook Air. MacBook Air is one of […]
All Apple news

In the App Store came out Monument Valley 2 – the second part of the cult puzzle game from Ustwo

Posted on Author

The App Store debuted the sequel to the cult mobile puzzle Monument Valley 2. This is a brand new Read also:   Cadillac unlucky in Russia crossover with support for Apple CarPlay

Leave a Reply

Your email address will not be published. Required fields are marked *