A new report on Tuesday by cyber-security firm Palo Alto Networks Inc (NYSE:PANW) has found that attackers are installing malware in many of Google Inc (NASDAQ:GOOGL)’s Android smartphones without knowledge of its users. A CNBC article reported on the news and discussed about the vulnerability present in several Android smartphones and how attackers can use it to accomplish their objectives.
“This Android vulnerability means users who think they’re accessing legitimate applications with approved permissions may instead be exposed to data theft and malware,” said Ryan Olson, Intelligence Director at Palo Alto Networks.
Attackers can take advantage of this Android vulnerability by getting access to users’ usernames, passwords and other confidential data that might be present in the smartphones. According to Palo Alto Networks Inc (NYSE:PANW), approximately 49.5 percent, nearly half of total current Android devices, could be facing this security threat.
When Android users download apps from sources other than the Google Play store, “Android Installer Hijacking” becomes possible, which is a technique used by attackers to essentially intercept the installation steps on Google Inc (NASDAQ:GOOGL)’s mobile operating system. The Android operating system also warns its users when they try to download and install an application from any third party app provider.
When users try to install a new application, permissions for that specific application are shown in front of them. These permissions, if granted by clicking “next” and “install” by users, allow that app to carry out certain functions in the phone like accessing contacts, messages, and modifying or deleting the contents of the SD card. Vulnerability is present at the point where users are granting their permission, as an attacker can modify the code in the background, changing the permissions of the app without the users’ awareness.
According to Palo Alto Networks Inc (NYSE:PANW)’s report, this vulnerability might be present in Android’s 4.3 and its earlier versions. Android version 4.4 and versions above that have fixed the issue. According to Google Inc (NASDAQ:GOOGL), it has released a patch to fix the vulnerability issue in Android 4.3 and later. Google Inc said that the Android Security Team has not found any attempts to exploit this vulnerability on peoples’ devices. Amazon.com, Inc. (NASDAQ:AMZN) has also urged its customers through a statement to upgrade to the latest version of its app store.
I just made 84% in 4 days by blindly imitating a hedge fund’s stock pick. I will tell you how I pulled such a huge return in such a short time but let me first explain in this FREE REPORT why following hedge funds’ stock picks is one of the smartest things you can do as an investor. We launched our quarterly newsletter 2.5 years ago and not one subscriber has, since, said “I lost money by EXACTLY following your stock picks”. The reason is simple. You can beat index funds by creating a DREAM TEAM of hedge fund managers and investing in only their best ideas. I just made 84% in 4 days by blindly imitating one of these best ideas. CLICK HERE NOW for all the details.
