Thousands of Samsung, LG and Xiaomi devices are at risk, your phone may be a victim of hacking!


New Delhi: There is bad news for users of Android smartphones from makers such as Samsung, LG and Xiaomi. According to the report, details that malware can use to appear trusted on these companies' devices have been leaked, which has exposed weaknesses in the security of millions of devices. It is claimed that hackers can take advantage of this to compromise users' smartphones by installing fake apps or malware that pass as trusted apps.

According to a malware reverse engineer at Google, citing a Google Android Partner Vulnerability Initiative (APVI) report, the new flaws could allow malicious programs to tamper with the affected device's system.

Engineer Łukasz Siewierski shared APVI's findings on Twitter. The report says that the platform signing keys of many Android OEMs have been leaked outside the respective companies. By design, Android trusts apps signed with the same key that is used to sign the operating system.

This key ensures that the Android running on the device is legitimate and made by the manufacturer. The same key is also used to sign individual apps. Since many Android OEMs' keys are now available to scammers, they can use those app-signing keys to access Android's shared user ID system and give all permissions to malware programs on affected devices. In other words, due to these flaws, attackers can gain access to all the data on the affected device.


Leaked key also signs the Bixby app
The report further mentions that the risk from these Android flaws is not limited to new or unknown apps but extends to system apps, because the leaked keys are also used to sign common apps. In this case, the same key is used to sign the Bixby app that ships on at least some Samsung phones.

Will work on all apps
Through this, a hacker can add malware to a trusted app and sign it with authentic leaked keys, so that Android thinks it’s an update. As noted by 9to5Google, this will work for all apps, whether an app comes from the Play Store, Samsung’s Galaxy Store, or is sideloaded to the phone.
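A defender-side check for the situation described above, as an added example that is not part of the original report: it flags APKs whose signer certificate matches a known-compromised platform certificate and escalates those that were not part of the factory image and request the system shared user ID. The fingerprint, the severity names and the `from_system_image` flag are assumptions of this example; the inputs are the text printed by `apksigner verify --print-certs` and a decoded manifest dump (for example from `aapt dump xmltree`).

```python
import re

# Placeholder fingerprint (constructed). Replace with SHA-256 digests of the
# compromised platform certificates from an advisory you trust.
COMPROMISED_CERTS = {"ab" * 32}

# Line format printed by `apksigner verify --print-certs <apk>`.
DIGEST_RE = re.compile(
    r"^Signer #\d+ certificate SHA-256 digest:\s*([0-9a-fA-F]{64})\s*$", re.M)
# sharedUserId attribute as it appears in a decoded AndroidManifest.xml dump.
SHARED_UID_RE = re.compile(r'android:sharedUserId(?:\([^)]*\))?="([^"]+)"')


def signer_digests(apksigner_output):
    """Return the set of lowercase SHA-256 signer certificate digests."""
    return {d.lower() for d in DIGEST_RE.findall(apksigner_output)}


def shared_user_id(manifest_dump):
    """Return the declared sharedUserId, or None when the app declares none."""
    match = SHARED_UID_RE.search(manifest_dump)
    return match.group(1) if match else None


def assess(apksigner_output, manifest_dump, from_system_image):
    """Triage one APK. Severity names are this example's own policy."""
    if not signer_digests(apksigner_output) & COMPROMISED_CERTS:
        return "ok"
    if from_system_image:
        # Shipped by the OEM; still needs a rotated key from the vendor.
        return "review"
    if shared_user_id(manifest_dump) == "android.uid.system":
        # Installed after the fact and asks to run as the system user.
        return "critical"
    return "high"


# Constructed sample inputs, modelled on the tools' output formats.
SAMPLE_CERTS = (
    "Signer #1 certificate DN: CN=Example OEM, O=Example\n"
    "Signer #1 certificate SHA-256 digest: " + "AB" * 32 + "\n"
    "Signer #1 certificate SHA-1 digest: " + "cd" * 20 + "\n"
)
SAMPLE_MANIFEST = ('A: android:sharedUserId(0x0101000b)='
                   '"android.uid.system" (Raw: "android.uid.system")')

if __name__ == "__main__":
    print(assess(SAMPLE_CERTS, SAMPLE_MANIFEST, from_system_image=False))
```

An app that arrives as an "update" outside the factory image is treated as installed after the fact, so `from_system_image` should be false for it even when the package name belongs to a preinstalled app.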

The keys of these companies were leaked
Notably, the APVI report does not list which OEMs were affected, but samples uploaded to VirusTotal revealed that these keys could be from companies such as Samsung, LG, MediaTek, Revoview, and szroco.

Preparations had already been made
Google said in its disclosure that all affected OEMs were informed about the flaws after they were reported in May 2022. These smartphone brands have already taken remedial measures to deal with such security leaks. However, according to APKMirror, Samsung used some of the vulnerable keys to sign Android apps in the last few days.
