Android Flaw Poisons Signed Apps with Malicious Code

Discussion in 'Tech news' started by silversurfer, Dec 9, 2017.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    Among the four dozen vulnerabilities Google patched this week was a fix for a bug that allowed attackers to inject malicious code into Android apps without affecting an app’s signature verification certificate. The technique allows an attacker to circumvent device anti-malware protections and escalation privileges on targeted devices with signed apps that appear to be from trusted publishers, according to researchers.

    The vulnerability, dubbed Janus, was discovered earlier this summer by Eric Lafortune, CTO of GuardSquare. He reported the bug (CVE-2017-13156) to Google in July. Google patched the vulnerability as part of its December Android Security Bulletin. Public disclosure of the bug was Thursday.

    Source: https://threatpost.com/android-flaw-poisons-signed-apps-with-malicious-code/129118/
     
  2. Google Adsense

  3. revC0de

    revC0de MTAC Moderator Staff Member

    Once a malware has a library injected, it can do quite a few things, like dynamic API hooking/tracing/patching and generally speaking to trick the process from the inside.
     
    daljeet, RGiskardR and silversurfer like this.

Share This Page