Hackers use Android 'master key' exploit in China

Updated on: 2013-07-25 || Source: bbc.com

A security firm says it has identified the first known malicious use of Android's "master key" vulnerability.

The bug - which was first publicised earlier this month - allows attackers to install code on to phones running Google's mobile operating system and then take control of them.

Symantec said its researchers had found two apps distributed in China that had been infected using the exploit.

Google has already taken moves to tackle the problem.

A fortnight ago it released a patch to manufacturers, but it will not have been sent to all handset owners yet.

Google also scans its own Play marketplace for the exploit, but this will not protect consumers who download software from other stores.

Premium texts

The vulnerability was first reported by security research firm BlueBoxon 3 July.

All Android apps contain an encrypted signature that the operating system uses to check the program is legitimate and has not been tampered with.

But BlueBox said it had found a way to make changes to an app's code without affecting the signature.

It warned the technique could be used to install a Trojan to read any data on a device, harvest passwords, record phone calls, take photos and carry out other functions.

According to Symantec, hackers have now exploited the flaw to install malware called Android.Skullkey, which steals data from compromised phones, monitors texts received and written on the handset, and also sends its own SMS messages to premium numbers.

It said the Trojan had been added to two legitimate apps used in China to find and make appointments with a doctor.

Android phonesThe fragmented nature of the Android market means updates take time before they become available

"We expect attackers to continue to leverage this vulnerability to infect unsuspecting user devices," its report warned.

"Symantec recommends users only download applications from reputable Android application marketplaces."

The firm added that affected users could manually remove the software by going into their settings menu.

One telecoms consultant said the news highlighted the difficulty Google had in distributing changes to Android.

"When Google releases its updates, manufacturers want to check them and then network operators also want to certify the code as well," said Ben Wood, director of research at CCS Insight.

"It's a consequence of having so many different firms making Android devices, with most running their own user interfaces on top.

"By contrast, Apple just pushes its updates directly to consumers."


Blackphone 2 'privacy' Android handset revamped
Security firm Silent Circle has revamped its smartphone that helps people manage personal data.
Chinese smartphones mount massive web attack
More than 650,000 Chinese smartphones have been unwittingly enrolled in a massive attack that overwhelmed a web
Hilton investigates hack claims
The Hilton hotel group has said it is investigating claims its US shops and gift stores may be the source of
Twitter website 'blocked' in Turkey
Twitter users in Turkey report that the social media site has been blocked in the country.


Sign up to received our free newsletter!
E-mail ID:


Views: 5158 Times
Spelling and Grammar Checking in Word 2007 READ MORE
Views: 2935 Times
IP traffic to grow 29 percent per year through 2016: Cisco READ MORE
Views: 2870 Times
UK industry to build Solar Orbiter satellite READ MORE
Views: 6042 Times
Add A Photo To My Computer Properties READ MORE
Views: 7629 Times
Automatically Shutdown Your PC READ MORE

Home|IT News|Computer Tips|Video Tutorials|Download Softwares|Subjects|Contact Us
Copyright © 2019. Jumbo Education (Information Technology). All rights reserved.
Free counter and web stats

Large Visitor Globe