Categories: Digital LifeNews

A BIG Linux hole puts 66% of Android users at the mercy of hackers

It seems every month of Q4 last year smartphone users had to dodge the minefield that was malware attacks and exploits. We had StageFright, Ghost Push Trojan, XcodeGhost and indeed, another massive Android vulnerability has been spotted by researchers at Perception Point.

The team’s analysis claims that for the most part of three years, devices and servers have had an unattended backdoor that would allow hackers an open playground to play with – majorly concerning root access.

There’s no proper name for this flaw yet but it’s been labelled “CVE-2016-0728” for now and it’s gonna be a big problem. We’re referring to the white elephant in the room – waiting for updates that’ll patch up this problem. This is the issue with OEM skins and the open-source like play-box that is the Android platform.

A few manufacturers have tried to uphold their monthly security updates including Google, HTC and Samsung but when dealing with a gaping hole that has been there since 2013, we hope they do something soon.

The issue now lies in the OS keyring that allows apps to store sensitive data in the form that is encrypted so it can’t be accessed. To exemplify the dangers of this bug, the team at Perception Point replicated the exploit that replaces the keyring code stored in the memory kernel.

Particularly on Android smartphones for those on KitKat and later, the exploit will allow malicious apps to break out of the sandbox to gain control of the OS’ root functions. A more thorough explanation of the Android coding environment, you can check out our post here.

Fortunately, the team hasn’t noticed anyone abusing this vulnerability in the open. Let’s all pray it stays that way.

[ SOURCE, VIA ]

Recent Posts

Pos Malaysia launches Pos ArRahnu Gold-i: Buy and save gold from RM10

Pos Malaysia has launched Pos ArRahnu Gold-i, a new Syariah-compliant digital gold platform that enables…

2 hours ago

Mforce.Cas: Last call to enjoy RM2,400 rebate on QJ Motor, Yadea, and Zeeho electric motorcycles

The Mforce Electric Motorcycle Incentive Program (Mforce.Cas) will conclude on 15 July. Originally announced back…

15 hours ago

CSOs call Freedom of Information Bill ‘incompetent’, say it preserves secrecy over transparency

Malaysia's long-awaited Freedom of Information (FOI) Bill was supposed to make it easier for the…

19 hours ago

NanoMalaysia: Malaysia’s upcoming homegrown EV battery can help deliver over 600km of range

Malaysia will soon kick off the production of its first locally developed EV battery cell.…

19 hours ago

Why Malaysia’s growing data centre industry may need solar-plus-BESS

Malaysia has secured billions of ringgit in data centre investments over the past few years,…

21 hours ago

You can now buy Firsty travel eSIM through GXBank app: Here’s how

GXBank has announced a new partnership with Firsty, allowing customers to purchase the telco’s travel…

23 hours ago

This website uses cookies.