It will almost certainly now be used again and again, and you need to take steps to keep yourself protected. It is suddenly very real-with two exploitations already this year. The attack vector is now very much public domain. This “new and innovative malicious threat,” Check Point says, was stopped quickly after just a few hundred installs, but it should never have been enabled in the first place. The difference here is that a malicious app was installed from the Play Store itself, rather than a third-party store, and that’s very bad news indeed. We saw the same vulnerability in January and there’s even a prescient warning from as far back as 2016. “It’s very rare to find a good use for this permission,” Check Point’s Aviran Hazum tells me, “for the most part, this is not a requested permission by legitimate apps.” The serious vulnerability is Android’s “ Notification Listening Service,” which can be enabled by a permission a newly installed app tricks users into granting, and which will allow the app to intercept and manipulate incoming messages. FlixOnline Malware on Google Play Store Check Point Research
0 Comments
Leave a Reply. |