Palo Alto Networks created an app designed to check your Android device to see if it suffers from a critical security vulnerability its researchers discovered more than a year ago. Palo Alto Networks just revealed details of the flaw this week, stating that it has worked with Google and Android device manufacturers to close the gap for the past year. Nearly half of all Android devices are potentially vulnerable, though, so millions of Android users might still be exposed to risk.
I wrote a blog post about the security vulnerability and the Palo Alto Networks app:
This app could save your older Android phone from being hijacked. Specifically, the Installer Hijacking Scanner app from the Google Play store is designed to check for a vulnerability that was discovered over a year ago and still hasn’t been resolved.
Palo Alto Networks revealed information Tuesday about a critical vulnerability affecting Android. The flaw was initially discovered in January 2014. Palo Alto Networks has been working closely with Google and Android device manufacturers to resolve the issue since then. The flaw, dubbed “Android Installer Hijacking,” is estimated to impact nearly half of all Android devices.
The vulnerability is a Time-of-Check to Time-of-Use (TOCTTOU) flaw in Android. Exploiting the flaw allows an attacker to hijack app installation and replace or modify an otherwise benign Android app installation with malware without the user’s knowledge. According to Palo Alto Networks, the malicious app is able to gain full access to the compromised device—including usernames, passwords, and other sensitive data.
The issue is a problem only when downloading apps from third-party repositories. Apps installed from Google Play are downloaded to a protected space within the file system. Third-party app stores, on the other hand, typically download files to unprotected storage and install directly from there. The TOCTTOU flaw enables an attacker to modify or replace the file during installation without alerting the user.
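The check-then-use gap described above, and the protected-copy pattern that closes it, as an added example that is not from the original post, Palo Alto Networks, or Android's installer code. It is a Python simulation: temporary directories stand in for unprotected and protected storage, and every function name and sample byte string is a constructed assumption.

```python
import hashlib
import os
import shutil
import tempfile

BENIGN = b"benign package bytes (constructed sample)"
REPLACED = b"different package bytes (constructed sample)"

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def stage_for_install(shared_path, private_dir):
    """Copy the package into a directory only the installer can write,
    then hash the copy. Review and install both use this copy."""
    os.makedirs(private_dir, mode=0o700, exist_ok=True)
    fd, staged = tempfile.mkstemp(dir=private_dir, suffix=".apk")  # created 0600
    with os.fdopen(fd, "wb") as dst, open(shared_path, "rb") as src:
        shutil.copyfileobj(src, dst)
    return staged, sha256_file(staged)

def install(staged_path, reviewed_digest):
    """Time of use: refuse if the bytes differ from what was reviewed."""
    with open(staged_path, "rb") as f:
        data = f.read()
    if hashlib.sha256(data).hexdigest() != reviewed_digest:
        raise ValueError("package changed between review and install")
    return data  # stand-in for handing the bytes to the real installer

def demo():
    root = tempfile.mkdtemp()
    shared = os.path.join(root, "shared", "app.apk")  # unprotected stand-in
    os.makedirs(os.path.dirname(shared))
    with open(shared, "wb") as f:
        f.write(BENIGN)
    # Time of check: the user reviews the package.
    staged, digest = stage_for_install(shared, os.path.join(root, "private"))
    # Between check and use, another process rewrites the shared file.
    with open(shared, "wb") as f:
        f.write(REPLACED)
    # Time of use: the naive path re-reads shared storage, the hardened one does not.
    with open(shared, "rb") as f:
        naive = f.read()
    hardened = install(staged, digest)
    return naive, hardened

if __name__ == "__main__":
    naive, hardened = demo()
    print("naive path installs reviewed bytes:   ", naive == BENIGN)
    print("hardened path installs reviewed bytes:", hardened == BENIGN)
```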
Check out the full article at PCWorld: Run this Installer Hijacking Scanner app to see if your older Android phone is at risk.