Thursday, November 8, 2012

A new SMS-vulnerability in Android found

Programmers from North Carolina State University have discovered a vulnerability in the operating system Android, with which you can send SMS-messages from one application to another, bypassing the mobile network operator. Experts warn that once a vulnerability can be used for SMS-phishing. Previously, the same research team from North Carolina has identified dozens of malicious apps in the store Google Play, and in 2011 developed a rootkit that captures data about the calls.

The final presentation of the vulnerability Write_SMS Capability Leak says that vulnerability can be used without any additional privileges on a system. "Vulnerability Android-running application to generate fake SMS-message, which can then be communicated to the user phone or to another application. We believe that the vulnerability could be used to organize phishing attacks," - said in a statement.

Recall that in 2010, Android has already been found several dangerous vulnerabilities associated with sending SMS. Estimated antivirus company Symantec, now Google Play placed about 200 applications, which are somehow involved in SMS-fraud.

No comments:

Post a Comment