
Thursday, July 3, 2014

10 Per Cent Android Devices Under Serious Threat!

Researchers have warned that approximately 10 per cent of existing Android phones can be targeted by attackers. Hackers can steal sensitive information such as cryptographic keys for online banking services and VPNs, and the patterns and PINs used to unlock these devices.


According to IBM’s report, the vulnerability affects only devices running Android 4.3, which account for about 10.3 per cent of all Android users. The Android KeyStore is a highly sensitive region of the Android OS: it stores cryptographic keys, PINs, patterns and similar highly sensitive credentials. Malicious code gets executed in KeyStore and leaks this highly sensitive information, which is used by banking services, VPNs and the user to unlock the device. Experts believe that Google has patched the buffer overflow in Android 4.4 KitKat.

Android has advanced software protection and security systems. Address space layout randomization and data execution prevention mitigate security bugs and block hackers from executing code. Attackers would also need an app installed on the device they want to attack. There are many such technical obstacles that make it difficult for attackers to exploit the vulnerability. Still, users must take it seriously, since it affects KeyStore, which is the most sensitive resource in the Android OS.

Dan Wallach, a professor at Rice University and an Android security expert, explained the technical aspects in an email:

“KeyStore is the only way that apps can store their authentication credentials. Attackers can log in to the user’s phone to access any service through a malicious app installed on the user’s device. The apps that allow users to save login information can be attacked by attackers, but banking apps which do not have a feature to save the password, and force you to manually type the password every time, will remain safe.

The amount of damage depends upon what apps the attacker can access. For example, if the attacker can log in to your Twitter/Facebook account then he can spread spam. Your money can be stolen or misused if the attacker has access to banking-related apps. If the user is using some VPN service to connect to the internal services of a company then there could be a number of attacks, as you’ve given access to the internal server through the firewall, a firewall which is used to secure and connect a number of users.”

Pau Oliva, a senior mobile security engineer at viaForensics, considers this a serious threat, since it allows hackers to access the most sensitive resource in the Android platform. Oliva said, “Attackers can do RSA key generation, signing and verification on behalf of the user of the affected device.”

Google’s Bouncer service screens for malicious apps on the Google Play store, and Google might offer additional protection through it. White hat hackers have bypassed the Bouncer filter in the past, and they can easily bypass a new security service if it is similar to the Bouncer filter for the Google Play store. Android users who use online banking apps and handle other highly sensitive information on a daily basis are once again under threat. Users are advised to install apps carefully and avoid installing apps from unknown sources.
