fbpx

Android’s ‘PackageInstaller’ Vulnerability a Gateway to hack Devices

A security flaw was found in the Android‘s ‘PackageInstaller’ system service that provides path to the hacker to hijack the installation process of a third-party Android app, which seems pretty safe to user and replaces it with a Malware (infected app of his choosing).

The security flaw was reported to Android by the teamof security researchers (Ryan Olson, Huagang Xie, Claud Xiao, Colt Blackmore, and Taylor Ettema) from the Palo Alto network. Palo Alto previously worked with Google, Amazon and Samsung to report vulnerabilities and then issue their patches. The company discovered this vulnerability in January last year and reported it to Android security team, Amazon and Samsung.

This vulnerability is so severe that the users passwords and sensitive information are not safe. They can be hijacked through the infected app which was installed through the third-party. Around 49.5 percent Android users were infected by this app before it was patched by the Android (on its latest versions only).

The Google also released a statement today that ” The Android Security Team has not detected any attempts to exploit this vulnerability on user devices.” Google also added that the Android 4.3 and later versions are not vulnerable to this flaw. But the researchers from Palo Alto said the older version users are not safe from this Vulnerability. 
So, the Android users who have older version android devices should avoid installing apps from the third party. This vulnerability affects Android device users as well as Android app developers. For Android device users, the users may end up with installing apps that are not the ones they agree to install.
Android app developers are also affected, because app-store apps and
mobile ads libraries that do not rely on Google Play store would be
likely to save the promoted apps in unprotected storage, example ‘sdcard’.
Like the example we show with Amazon appstore app, the unprotected
storage in sdcard may allow attackers to replace the promoted apps with
malware apps.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...

Cyber Physical Systems for Smart Grid Applications

The smart grid is an emerging paradigm for more reliable and efficient power delivery. It requires monitoring, controlling, and managing the power grid in...

How Is Hospital Critical Infrastructure Protected?

Hospitals hold a lot of sensitive data. When they are hacked, patient information is exposed, putting patients at risk because the hackers can use...

Software Engineering for Cyber-Physical Systems

Cyber-physical systems (CPS) are engineered systems that integrate computation, networking, and physical process. CPS classifies in many ways, including their scale, embeddedness, and the...