Leaked Android certificates left millions of smartphones vulnerable to malware

Main Image
  • Like
  • Comment
  • Share

Looks like millions of Android smartphones were literally inches away from mass malware attacks. Devices from LG, Samsung and MediaTek chipsets were subjected to a major Android vulnerability. Once exploited, it would have given cyberattackers complete authority over your device. In fact, the privileges that this vulnerability introduces to the injected malware may be more than what you as a user have on your own device.

Android steers closer to a massive malware attack

According to the reports shared by Lukasz Siewierski, a Google employee and a malware reverse engineer, critical certificates of some of the Android smartphone manufacturers were leaked giving exploiters the exact vulnerability to puncture into these devices. It includes MediaTek, LG, and Samsung which means the vulnerability would have given cyber attackers access to hundreds of millions of devices.

For the unversed, everything smartphone manufacturer (or OEM) has a platform certificate that contains a private key. Android OS authenticates this private key whenever there’s an app update from the OEM. Once confirmed, it is passed through. These certificates have the android.uid.system as their user id which is the highest level of privilege on a device.

Apparently, some of these certificates were leaked. It means if an attacker got his hands on it, he can literally use it to trick Android OS into believing that malware being injected in an app is actually an update thanks to its disguise. Since the Android OS validates the key, it has no reason to suspect and gives it a green signal. That’s where the malware gets privileged access to that particular app and device itself.

Millions of LG, Samsung smartphones face vulnerability due to leaked Android certificates

In fact, according to some experts, the privileges this malware could gain are likely higher than what users have on their devices.

Fortunately, not everything is lost…

The good news is, Google has acknowledged the issue and has warned the OEMs to push updates to mitigate it. It has asked OEMs to rotate the certificates and change the keys that would make the previous certificates obsolete.

Apart from that, Google has implemented detection for malware on its Build Test Suite that checks system images on devices. Google Play Protect prevents such types of malware to pass through when the user has downloaded or updated the apps. It is highly recommended to steer away from sideloading as that opens a system to countless vulnerabilities.

Related Articles

ImageSamsung Galaxy S23 Ultra first impressions: Bets big on Cameras and performance

Wait for Samsung’s first flagship lineup of 2023 is almost over now. The tech giant showcased three new S series phones in full glory – the Galaxy S23 Ultra, Galaxy S23 Plus, and Galaxy S23 at its first Unpacked event of 2023. The Samsung Galaxy S23 Ultra gets several upgrades over the existing S22 Ultra. …

ImageGoogle highlights the significance of Play Services For Android security

Google highlights the significance of Play Services against Triada trojan and other threats in a blog post published recently. Triada is a family of trojans that had infected some Android phones a few years back. Kaspersky Labs, who discovered it in 2016 called it, “one of the most advanced mobile Trojans”. Next year, Dr. Web …

ImageAPT42 Attack: What is it & how does it target high-profile activists

Iran government-supported hackers have recently targeted many high-profile activists, journalists, researchers, academics, diplomats, and politicians who have been working on Middle East issues. This credential phishing is being done via WhatsApp. The Human Rights Watch has linked this phishing attack with an entity affiliated with the Iranian government known as APT42. It is sometimes called …

ImageAndroid Smartphones may soon get Apple TV+ app, Beta testing in progress

Apple TV is soon going to be available on Android smartphones. After the Apple TV application was introduced for Android TVs, the trillion-dollar company is testing an Android App for its video streaming platform. According to a report by XDA developers, Apple is conducting internal tests right now to check and the application is still …

ImageOnePlus 11 visits TENAA; Full spec sheet revealed

The OnePlus 11 is set to reach Chinese shores by February 7, and the device recently visited the TENAA certification website. The smartphone carried model number PBH110 and scored 1.3 million points on the AnTuTu benchmark tests, which is the highest in the history of smartphones. In a recent development, the complete spec sheet of …


Be the first to leave a comment.