Operators and computer security experts are asked to be careful to work with the owners of the popular mobile platform. This malicious program is dangerous for all versions of Android, released before 4.2.2 (Jelly Bean). To avoid contamination, experts advise not to install programs from dubious online sources .
"We have discovered a critical vulnerability in the operating system Android. Bug allows attackers to install on smartphones and tablets running the OS malicious code that allows you to easily make changes to the functionality of the programs themselves . If you do not break the cryptographic signature of the program , which is why the application and passes Android", - said representatives of the Computer Emergency Response Team-India (CeRT-In).
Presented malware can be used to steal personal information, including e-mail addresses, IMEI- number, SMS and even installed applications. Moreover, the system can send SMS and make calls from infected devices without user consent.
Typically, the malware is distributed along with other quite legitimate applications. Verification of the program is carried out on Android first file in the package, and all the other files in the infected host. APK penetrate into memory, bypassing the built-in security system.
Experts advise to watch closely what permissions are required when installing the program, and do not install applications from untrusted sites.
Source: http://timesofindia.indiatimes.com
No comments:
Post a Comment