Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

Android Fake ID Puts Your Phone At Risk

Tuesday, August 5th, 2014 by | Filed Under: Android, Security Help
 
Loading...


Bluebox security is warning Android users of a critical flaw in the operating system that lets Malware  impersonate trusted applications. Apps have their own ID, that’s normally put in by the developer. This prevents the the wrong people from making changes to the app like changing the programming.

Bluebox says a flaw they are calling Fake ID lets malware pretend to be certain trusted apps without an user notifications. This flaw could be used to impersonate and app like Google Wallet and gain information to your bank records or to insert some type of Trojan horse into an app. They could possibly even take control of the entire device.

The scary part is that they say this issue has existed since January 2010 and affects all devices prior to Android 4.4 KitKat. Any device not patched for Google bug 13678484 is affected.  Bluebox outlined how the malware could use  infect a program like Adobe System webview, elevate the privileges of that app and then inject code into other apps. The malware could be able to all of that app’s data and be able to do anything that app is able to do.

Android applications use digital certificate signatures to verify permissions, but this new flaw undermine the validity of the entire signature system. The signature can claim to be issued by anyone and it will trick certificate-checking code into believing it is genuine.

A hacker could create a single piece of malware that carries multiple fake IDs and goes after several applications at once. 

Many device makers have already issued patches for this problem and more are on the way.  Google says they’ve seen no evidence that anyone has taken advantage of this issue. Bluebox is offering up the Bluebox Security Scanner for free at the Google Play Store. It will scan your device and check for the problem.

~ Cynthia

Tags: , , , , ,

Leave a Reply


Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: