The certificates of a number of Android OEMs have recently become public as a result of a significant security breach. Millions of Android smartphones around the world are now vulnerable to malware due to this security issue.

Security researchers have raised the alarm about the development of malicious apps that can access entire Android operating systems as a result of a significant security leak. A malware engineer who works for Google, Lukasz Siewierski, reported the leak.

A number of Android OEMs, including Samsung, LG, and MediaTek, had their app signing certificates leaked, according to Google’s Android security team, making it simple for hackers to install malicious apps on devices.

What do application signing certificates do?


App signing is a critical part of Android smartphone security, and the key used to sign apps should always be kept secret. Signing is simply a technique to ensure that app updates originate from the original creator.

android.uid.system is a highly privileged user ID that is used by applications signed with one of these certificates. This user ID has access to user data as well as other system rights. Any other app that is signed with the same certificate can declare that it wants to run with the same user ID, which gives it the same level of access to the Android operating system.

The issue is that several of these certificates from LG, Samsung and MediaTek appear to have been compromised and, worse, were used to sign malicious software.

Simply put, a hacker who has the private key can infect popular apps with malware, regardless of where the software came from. The malicious version will be accepted as an update because it uses the same key that Android security trusts.
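A defender-side check that follows from the shared user ID behaviour described above, added here as an example and not taken from Google or the affected OEMs: it triages a device's package inventory for apps whose signing certificate is on a list of compromised keys and that request android.uid.system. The digests, package names, paths and record layout are constructed assumptions; real values would come from the published indicators and from your own device inventory.

```python
from dataclasses import dataclass
from typing import Optional

SYSTEM_UID = "android.uid.system"
# Constructed placeholder SHA-256 digests standing in for the leaked certificates.
COMPROMISED_SIGNERS = {"aa" * 32, "bb" * 32}
# Read-only partitions that make up the factory system image.
IMAGE_PREFIXES = ("/system/", "/system_ext/", "/product/", "/vendor/")
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}


@dataclass
class Package:
    name: str
    signer_sha256: str             # hex, with or without ':' separators
    shared_user_id: Optional[str]  # android:sharedUserId from the manifest
    apk_path: str


def triage(pkg: Package) -> tuple:
    """Classify one inventory record as (severity, reason)."""
    digest = pkg.signer_sha256.replace(":", "").lower()
    if digest not in COMPROMISED_SIGNERS:
        return ("ok", "signer is not on the compromised list")
    on_image = pkg.apk_path.startswith(IMAGE_PREFIXES)
    if pkg.shared_user_id == SYSTEM_UID and not on_image:
        return ("critical", "system UID requested by an APK outside the system image")
    if pkg.shared_user_id == SYSTEM_UID:
        return ("high", "system-UID app on the image is signed with a leaked key")
    return ("medium", "signed with a leaked key, no system UID requested")


def report(inventory: list) -> list:
    """Return (severity, package) findings, most severe first."""
    findings = [(triage(p)[0], p.name) for p in inventory]
    flagged = [f for f in findings if f[0] != "ok"]
    return sorted(flagged, key=lambda f: SEVERITY_ORDER[f[0]])


# Constructed inventory; package names and paths are illustrative only.
INVENTORY = [
    Package("com.example.settings", ":".join(["AA"] * 32), SYSTEM_UID,
            "/system/priv-app/Settings/Settings.apk"),
    Package("com.example.updater", "bb" * 32, SYSTEM_UID,
            "/data/app/com.example.updater-1/base.apk"),
    Package("com.example.notes", "aa" * 32, None,
            "/data/app/com.example.notes-1/base.apk"),
    Package("com.example.clock", "cc" * 32, SYSTEM_UID,
            "/system/app/Clock/Clock.apk"),
]
```

An APK under /data/app that requests the system UID can also be a legitimate update to a preinstalled app, so a "critical" finding means the file should be compared against the vendor's known releases.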


Hackers could spread malware on Android phones


Even worse, the impacted OEMs neglected to replace the compromised keys with new ones and failed to remove the compromised ones. Instead, they kept on using them. Samsung recently delivered app updates signed with the same key, even though Google first discovered the issue in May 2022.

This suggests that malware may have been injected into legitimate Samsung apps by hackers. The infection might have surfaced as an update, passed the security checks at installation, and gained practically complete access to your user data in other apps.

Google has taken various steps to guarantee that Android phones are secure, such as OEM mitigations, Google Play Protect, and more. Apps available through the Play Store are reportedly secure as well. When Google informed the OEM partners of the critical compromise, the partners moved quickly to put mitigation measures into place. Mitigations put in place by OEM partners will protect end users, according to the company.

New dangerous malware on Android

The tech giant asked affected companies to “rotate the OS certificate by changing it with a new set of public and private keys”. The company stated, “They should also conduct an internal investigation to identify the underlying cause of the problem and take action to prevent the issues from happening again in the future.” Therefore, we expect that LG, MediaTek, and Samsung will update their certificates as soon as possible to protect their users from hackers.

“Google has implemented broad detections for the malware in Build Test Suite, which scans system images. Google Play Protect also detects the malware. There is no indication that this malware is or was on the Google Play Store. As always, we advise users to ensure they are running the latest version of Android”.

We will keep tracking the development related to this security issue and keep you updated as soon as possible.

Source/VIA: Lukasz Siewierski
