Follow link to Tom’s Hardware.
Researchers from the University of California Riverside have discovered a flaw in the Android operating system, that allows them to hack most Android apps between 82 and 92 percent of the time.
The way they accomplish this is by having the user install a malware-infected app, and then taking advantage of the shared memory of the apps to steal information from other apps, thereby completely bypassing Android’s permission and sandboxing security system.
The research was performed on Galaxy S3 devices running Android 4.2, but because of the way the flaw works, the researchers expect it to work on other versions of Android, too. According to them, this flaw could also theoretically affect other operating systems such as Windows and iOS as well, but they haven’t attempted hacks on those systems yet.
Gmail was the app that could be hacked the most easily, a whopping 92 percent of the time. They’ve also managed to hack into other apps such as H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon. Amazon was the hardest one to break into, with only a 48 percent success rate.
The Chase Bank app allows users to pay in checks by taking pictures of them, and this feature could also be exploited through this flaw; malware could capture the photos as they are taken and then the attacker could steal all the important banking details of the user.
Apparently, accessing the shared memory the way these researchers are doing it is a rather novel way to break into apps, and something Google must have not anticipated:
“The assumption has always been that these apps can’t interfere with each other easily,” said Zhiyun Qian, an assistant professor at the University of California and one of the researchers involved in the study.
“We show that assumption is not correct, and one app can in fact significantly impact another and result in harmful consequences for the user,” he added. “By design, Android allows apps to be preempted or hijacked. But the thing is you have to do it at the right time so the user doesn’t notice. We do that and that’s what makes our attack unique.”
The way shared memory works right now on Android is also a feature that is used by many app developers, so developers aren’t expecting an easy fix to this problem without breaking compatibility for many apps. However, it’s clear Google needs to try and fix this flaw as soon as possible; otherwise, we could soon see this type of attack being used by malicious hackers in the wild, too, and not just in a research lab.
Here is the video.
So I got a call at midnight from someone who was in a very tight spot. He was doing security video work. He would get the video from the retailer and edit them down to just the bad parts. He was ready to go when he did some personal administrative stuff. the state had him download a file and it set off a Trojan. This Trojan crashed his system. He was almost in tears. He had 9 hours till presentation.
He found me on google and I rushed out there to deal with the virus. Every single video he had downloaded from the retailer had a virus on it. Low and behold there was a rootkit on the machine as well. Within 3 hours everything was clean and his data was safe. That means, however, that the retailer has viruses and a rootkit on their machines. I’ve said it before I will say it again: “use cash”. The retailer will not do anything about it. They usually don’t until they are busted.
This is wild. Some very young sounding female called me and asked for help with her homework. OK. It was just so off beat that I helped. I guess that’s my good dead for the day… um week.. Now, Just to add. I ordered a pizza and the deliveryman bought an old computer that I couldn’t get rid of to save my life! We decided to do a trade. pizza for the computer. No, seriously I’ve had it sold several times only to have the deal fall apart. So I guess now old computers are worth the price of a pizza. This week is starting out weird.
Most people don’t that modern malware is now designed to hide from popular anti-virus programs. The more popular the protection program the more demand there is from cyber-criminals that these specific anti-virus programs are defeated. This column sprung from a conversation I had with an ex-employee from the biggest anti-virus company. He said that “now the (crime) boss wants to know is whether or not it (malware) defeats Norton or not. If it doesn’t then the programmer has to rewrite it.” We went on to talk about the industry and why some anti-virus programs seem to work for a while and then fall off in performance. The reason the popular free ones work for a while and then slowly die off is because they can’t keep up with the constant changes that are required to maintain a great protection program suite. It’s a lot of money.
That’s why I have had to learn how to remove viruses and malware by hand. That is also why I will use 10 to 20 different programs while cleaning a computer. It is extremely difficult for a hacker (even a Russian one) to keep up with all of the different daily changes made to all the different scanning and fixing programs. It’s just too big a job. So they pick on the ones that they can and then move along.
What’s worse for the home user is that they can run only one protection system. If they try to run two or more then they will cancel each other out. They will also slow down your system and at times make it unstable.