
Samsung, LG phones vulnerable to leaked certificates, Google finds


Google’s Android Partner Vulnerability Initiative (APVI), acknowledging a major security leak, has disclosed a critical vulnerability affecting Android smartphones from major brands, including Samsung and LG. Because the platform signing keys of several Android OEMs have leaked, rogue apps or malware can pass themselves off as “trusted” system apps. The issue was first reported to the affected vendors in May of this year, after which several companies, Samsung among them, took steps to contain it.

The problem was brought to light by Google employee Łukasz Siewierski (via Esper’s Mishaal Rahman). In a series of tweets, Siewierski showed how OEM platform certificates have been used to sign malware on Android.

The heart of the matter is how Android trusts the platform signing key. By design, an OEM signs its core system apps with its platform key, and any other app signed with the same key may declare the same shared user ID as those system apps (the system user ID, android.uid.system) and is then granted the same privileges.

However, several Android original equipment manufacturers (OEMs) have had their platform signing keys leaked, which lets malware authors sign their own apps with those keys and obtain system-level permissions on the target device. Malware signed this way can read all user data on the device, exactly as a legitimate system app from the manufacturer signed with the same certificate could.

Another alarming aspect of the vulnerability is that it does not necessarily require the user to install a new or “unknown” app. A leaked platform key can also be used to sign a tampered copy of a popular, trusted app, such as Samsung’s Bixby. A user who downloads such a copy from a third-party website will see no warning when installing it over the genuine app, because the signing certificate matches the one already on the device.
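To turn this into a concrete check, here is an added example (not from the article, Google’s bulletin, or any OEM tooling) that pulls the signer certificates out of an APK’s v1 (JAR) signature block and compares their SHA-256 digests against a denylist of certificate digests you have flagged as leaked. The digest is the same one apksigner verify --print-certs reports, so a real denylist can be built from that output for the OEM certificates in question. The PKCS#7 walker reads only the certificates set and does not verify the signature itself; the sample APK and the denylist entry are constructed placeholders built inside the script. APKs that carry only v2/v3 signatures have no META-INF/*.RSA entry, so for those use apksigner.

```python
import hashlib
import io
import zipfile

OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
OID_PKCS7_DATA = bytes.fromhex("2a864886f70d010701")   # 1.2.840.113549.1.7.1


def _read_tlv(buf: bytes, pos: int):
    """Decode one DER tag-length-value at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def _children(buf: bytes, start: int, end: int):
    """Yield (tag, element_start, value_start, value_end) for each TLV in [start, end)."""
    pos = start
    while pos < end:
        tag, vs, ve = _read_tlv(buf, pos)
        yield tag, pos, vs, ve
        pos = ve


def certificates_from_pkcs7(der: bytes) -> list[bytes]:
    """Return the DER bytes of every certificate carried in a PKCS#7 SignedData."""
    tag, vs, ve = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("PKCS#7 ContentInfo must be a SEQUENCE")
    content_type, content = list(_children(der, vs, ve))[:2]
    if content_type[0] != 0x06 or der[content_type[2]:content_type[3]] != OID_SIGNED_DATA:
        raise ValueError("not a signedData ContentInfo")
    if content[0] != 0xA0:
        raise ValueError("missing [0] EXPLICIT content")
    sd_tag, sd_vs, sd_ve = _read_tlv(der, content[2])   # the SignedData SEQUENCE
    if sd_tag != 0x30:
        raise ValueError("SignedData must be a SEQUENCE")
    certs: list[bytes] = []
    for tag, _, cvs, cve in _children(der, sd_vs, sd_ve):
        if tag == 0xA0:                     # certificates [0] IMPLICIT SET OF Certificate
            for ctag, cstart, _, cend in _children(der, cvs, cve):
                if ctag == 0x30:            # each Certificate is itself a SEQUENCE
                    certs.append(der[cstart:cend])
    return certs


def apk_v1_signer_digests(apk_bytes: bytes) -> set[str]:
    """SHA-256 hex digest of each signer certificate found in META-INF/*.RSA|.DSA|.EC.

    v2/v3-only APKs have no such entry and yield an empty set. The signature is
    not verified here; this only identifies which certificate the APK claims.
    """
    digests: set[str] = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for name in zf.namelist():
            upper = name.upper()
            if upper.startswith("META-INF/") and upper.endswith((".RSA", ".DSA", ".EC")):
                for cert in certificates_from_pkcs7(zf.read(name)):
                    digests.add(hashlib.sha256(cert).hexdigest())
    return digests


def leaked_signers(digests: set[str], leaked_cert_digests) -> set[str]:
    """Intersect the APK's signer digests with a denylist (hex, colons optional)."""
    return digests & {d.lower().replace(":", "") for d in leaked_cert_digests}


# ---- constructed sample data: placeholders, not a real certificate or malware ----

def _der(tag: int, body: bytes) -> bytes:
    """Minimal DER TLV encoder used only to build the sample PKCS#7 block."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


# Stand-in for an OEM platform certificate: a SEQUENCE holding an OCTET STRING.
PLACEHOLDER_CERT = _der(0x30, _der(0x04, b"placeholder platform certificate, not X.509"))
PLACEHOLDER_CERT_SHA256 = hashlib.sha256(PLACEHOLDER_CERT).hexdigest()


def build_sample_apk() -> bytes:
    """In-memory APK whose v1 signature block embeds PLACEHOLDER_CERT."""
    signed_data = _der(0x30,
        _der(0x02, b"\x01")                            # version
        + _der(0x31, b"")                              # digestAlgorithms (empty)
        + _der(0x30, _der(0x06, OID_PKCS7_DATA))       # encapContentInfo
        + _der(0xA0, PLACEHOLDER_CERT)                 # certificates [0]
        + _der(0x31, b""))                             # signerInfos (empty)
    pkcs7 = _der(0x30, _der(0x06, OID_SIGNED_DATA) + _der(0xA0, signed_data))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"placeholder manifest")
        zf.writestr("META-INF/MANIFEST.MF", b"Manifest-Version: 1.0\n")
        zf.writestr("META-INF/CERT.SF", b"Signature-Version: 1.0\n")
        zf.writestr("META-INF/CERT.RSA", pkcs7)
    return buf.getvalue()


if __name__ == "__main__":
    found = apk_v1_signer_digests(build_sample_apk())
    denylist = [PLACEHOLDER_CERT_SHA256]   # in practice: digests of the leaked OEM certs
    hits = leaked_signers(found, denylist)
    print("signer certificate digests:", sorted(found))
    print("signed with a flagged certificate" if hits else "no flagged signer")
```

Run against a real APK by replacing build_sample_apk() with the file’s bytes and the denylist with digests taken from apksigner output for the certificates you consider compromised. A hit means the package was signed with a flagged key; it does not by itself prove the package is malicious, since the OEM’s own legitimate apps carry the same digest, which is exactly why a leaked platform key is so hard to contain.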

In its public announcement, Google does not say which devices or OEMs are affected. The disclosure does, however, include a list of sample malware files signed with the leaked keys, and reporting based on APKMirror’s archive has since confirmed a list of affected manufacturers, including Samsung, LG, MediaTek, Xiaomi and Revoview.

The search giant has also laid out steps for affected companies to take. The first is to rotate the platform signing keys that have been flagged as leaked and replace them with new keys. Google has also called on all Android manufacturers to minimize the number of apps signed with the platform key, reserving it for apps that actually need platform-level access.

According to Google, the issue was first reported in May. Since then, Samsung and the other affected companies have taken remedial measures to mitigate the vulnerability. However, according to Android Police, several of the keys listed in the recent disclosure have been used to sign apps for Samsung and LG phones that were uploaded to APKMirror.

“OEM partners quickly implemented mitigations as soon as we reported a major breach. End users will be protected by user mitigations implemented by OEM partners,” Google said in a statement to BleepingComputer.

Android users are advised to install the latest available firmware updates, which protect against flaws such as those disclosed by Google, and to be cautious when downloading apps from third-party sources.


