fbpx

Android’s ‘PackageInstaller’ Vulnerability a Gateway to hack Devices

A security flaw was found in the Android‘s ‘PackageInstaller’ system service that provides path to the hacker to hijack the installation process of a third-party Android app, which seems pretty safe to user and replaces it with a Malware (infected app of his choosing).

The security flaw was reported to Android by the teamof security researchers (Ryan Olson, Huagang Xie, Claud Xiao, Colt Blackmore, and Taylor Ettema) from the Palo Alto network. Palo Alto previously worked with Google, Amazon and Samsung to report vulnerabilities and then issue their patches. The company discovered this vulnerability in January last year and reported it to Android security team, Amazon and Samsung.

This vulnerability is so severe that the users passwords and sensitive information are not safe. They can be hijacked through the infected app which was installed through the third-party. Around 49.5 percent Android users were infected by this app before it was patched by the Android (on its latest versions only).

The Google also released a statement today that ” The Android Security Team has not detected any attempts to exploit this vulnerability on user devices.” Google also added that the Android 4.3 and later versions are not vulnerable to this flaw. But the researchers from Palo Alto said the older version users are not safe from this Vulnerability. 
So, the Android users who have older version android devices should avoid installing apps from the third party. This vulnerability affects Android device users as well as Android app developers. For Android device users, the users may end up with installing apps that are not the ones they agree to install.
Android app developers are also affected, because app-store apps and
mobile ads libraries that do not rely on Google Play store would be
likely to save the promoted apps in unprotected storage, example ‘sdcard’.
Like the example we show with Amazon appstore app, the unprotected
storage in sdcard may allow attackers to replace the promoted apps with
malware apps.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...