Android Vulnerability – 99% of Android Devices Could be Affected

Why prefer Android hackers
Jumia Brand Festival Sale 2022

Last week, Bluebox Security, a security firm, uncovered a 4 year old vulnerability in Android’s security system. According to Bluebox, the vulnerability allows a hacker to modify the APK code of an Android application without breaking its cryptographic signature, making its potential harm undetectable by the Android security and authentication system.

Where to Buy Smartphones from ₦27,999.00 Buy Now

Android Trojan Vulnerability

According to Bluebox this vulnerability has been around for at least since Android 1.6 and could affect any Android device released in the last four years or potentially over 900 million Android devices.

Cryptographic signature enables Android to verify whether an app is legitimate or whether it has been tampered with. Modifying an app should change its signature allowing Android to detect any changes.

However, this vulnerability allows for a hacker to modify an app without breaking the signature, deceiving the Android security system, the phone, and/or the app store into thinking that the app is unchanged.

Bluebox security revealed that with this vulnerability, a hacker can install a malicious Trojan as a legitimate app and use it to read data like SMS, emails, and documents from Android devices. They can even turn on your camera and take photos with it as well as record your calls, retrieve your saved passwords, send SMS, and make calls with your Android devices.

Google has fixed the Vulnerability, But

However, Google has fixed the vulnerability and has sent patches to its OEM partners. Bluebox claims it alerted Google of the vulnerability since February, so the company has had ample time to rectify the problem.

According to reports, Samsung and a few other OEMs have already started shipping devices running the fixed Android. However, existing devices remain vulnerable until OEMs and carriers release updates.

Given the fragmentation and customisation involved in Android, this update may take weeks, months or even forever to get to existing Android devices. The situation for Android users in Nigeria may even be more hopeless, given the reputation of some of the Android vendors that operate in the country. So, it is your duty to protect yourself.

For now Google has upgraded the security at the Google Play Store to identify apps exploiting this Android vulnerability. This means that downloading your apps from the Google Play Store will keep your device safe for now. Downloading your apps from unofficial Android stores increases the chances of your Android devices being affected by this vulnerability.

So, if you are in Nigeria, stick to Google Play Store.

Want to Buy an Android Phone? Click Here

Buy and Sell Bitcoin at Best Rates

More on Android

Paschal Okafor is NaijaTechGuide Team Lead. The article Android Vulnerability – 99% of Android Devices Could be Affected was written by Paschal Okafor. The article was last modified: February 27th, 2022
Sage Business Cloud
NaijaTechGuide may receive financial compensation for products/services purchased through affiliate links on this site. See full Affiliate Disclosure Here
Previous articleDell Laptops Deals – Dell Vostro & Inspiron
Next articleSamsung Galaxy Tab 3 7.0 Specs & Price
Paschal Okafor is the founder of NaijaTechGuide. Over the past 15 years, he has managed to turn a blog that started life on a Google Blogger subdomain into the Largest Technology Blog in Nigeria and quite possibly the largest in Africa. Paschal has been building, analyzing, and maintaining websites for over 17 years and can offer you his wealth of experience to help you get the best results for your blog or website.