Leaked Android certificates left millions of smartphones vulnerable to malware

Main Image
  • Like
  • Comment
  • Share

Looks like millions of Android smartphones were literally inches away from mass malware attacks. Devices from LG, Samsung and MediaTek chipsets were subjected to a major Android vulnerability. Once exploited, it would have given cyberattackers complete authority over your device. In fact, the privileges that this vulnerability introduces to the injected malware may be more than what you as a user have on your own device.

Android steers closer to a massive malware attack

According to the reports shared by Lukasz Siewierski, a Google employee and a malware reverse engineer, critical certificates of some of the Android smartphone manufacturers were leaked giving exploiters the exact vulnerability to puncture into these devices. It includes MediaTek, LG, and Samsung which means the vulnerability would have given cyber attackers access to hundreds of millions of devices.

For the unversed, everything smartphone manufacturer (or OEM) has a platform certificate that contains a private key. Android OS authenticates this private key whenever there’s an app update from the OEM. Once confirmed, it is passed through. These certificates have the android.uid.system as their user id which is the highest level of privilege on a device.

Apparently, some of these certificates were leaked. It means if an attacker got his hands on it, he can literally use it to trick Android OS into believing that malware being injected in an app is actually an update thanks to its disguise. Since the Android OS validates the key, it has no reason to suspect and gives it a green signal. That’s where the malware gets privileged access to that particular app and device itself.

Millions of LG, Samsung smartphones face vulnerability due to leaked Android certificates

In fact, according to some experts, the privileges this malware could gain are likely higher than what users have on their devices.

Fortunately, not everything is lost…

The good news is, Google has acknowledged the issue and has warned the OEMs to push updates to mitigate it. It has asked OEMs to rotate the certificates and change the keys that would make the previous certificates obsolete.

Apart from that, Google has implemented detection for malware on its Build Test Suite that checks system images on devices. Google Play Protect prevents such types of malware to pass through when the user has downloaded or updated the apps. It is highly recommended to steer away from sideloading as that opens a system to countless vulnerabilities.

Related Articles

ImageExclusive: Nothing Phone (2a) Design, Specs & India Price Revealed Before Launch!

Nothing Phone (2a) will launch in India on March 5, 2024. Since the phone marks the brand’s entry into a new segment, we’ve followed all the threads and rumors about it. Today, we’ve collaborated with known tipster @OnLeaks to present before our readers their first look at high-quality 5K renders of the Nothing Phone (2a), …

ImageGoogle highlights the significance of Play Services For Android security

Google highlights the significance of Play Services against Triada trojan and other threats in a blog post published recently. Triada is a family of trojans that had infected some Android phones a few years back. Kaspersky Labs, who discovered it in 2016 called it, “one of the most advanced mobile Trojans”. Next year, Dr. Web …

ImageAPT42 Attack: What is it & how does it target high-profile activists

Iran government-supported hackers have recently targeted many high-profile activists, journalists, researchers, academics, diplomats, and politicians who have been working on Middle East issues. This credential phishing is being done via WhatsApp. The Human Rights Watch has linked this phishing attack with an entity affiliated with the Iranian government known as APT42. It is sometimes called …

ImageGoogle Pixel 8a Retail Box Images Leak The Phone’s Black Color

The Google Pixel 8a is expected to arrive later this year, yet the first pictures of its retail box have surfaced online. According to a report by Android Police, the leaked images come from a Vietnam-based Facebook group. The images reveal some details about the upcoming smartphone. Leaked Images Showcase Pixel 8a’s Design First, the …

ImageSwitching Your Android Smartphone’s Digital Assistant: Here’s How to Switch from Google Assistant to Gemini AI; Pros and Cons

Google is making waves in the realm of conversational AI with the introduction of Gemini, its latest AI chatbot unveiled through a dedicated Android app. Demonstrating Google’s strides in AI technology, Gemini presents conversational functionalities that could potentially transform the way we engage with our smartphones. Currently, the Google Gemini app is officially accessible only …

Discuss

Be the first to leave a comment.