‘Serialization’ vulnerability: 6 in 10 Android devices can be hijacked

If one day your trusted Facebook Messenger app asked you to log in again because your session had expired, would you do it? If the answer is yes, you might just have handed your Facebook credentials to an impostor app disguised as the otherwise legitimate Facebook Messenger. A group of researchers at IBM has revealed a vulnerability in the Android OS that lets attackers replace an application you trust with one that looks the same but is built to cause you harm.

The vulnerability is present in Android 4.3 and above and affects more than 55% of Android-powered devices worldwide.


“In a nutshell, advanced attackers could exploit this arbitrary code execution vulnerability to give a malicious app with no privileges the ability to become a ‘super app’ and help the cyber criminals own the device,” IBM said. The ‘Serialization’ vulnerability is explained in great detail in the paper titled “One Class To Rule Them All”.
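The bug class behind the paper's title is a Java `Serializable` class that stores a raw native pointer in an ordinary (non-transient) field and hands that pointer to native code when the object is garbage-collected. Because Android apps exchange serialized objects through normal inter-app messaging, an unprivileged app can ship such an object to a more privileged process; when that process deserializes it, the attacker has chosen the pointer that native code will later free, which is the memory-corruption primitive the paper builds its code execution on. The toy below is an added illustration, not code from the paper, from IBM or from Android: `VulnerableWrapper`, `HardenedWrapper`, `mContext` and the `nativeFree` stand-in are hypothetical names, and `nativeFree` only records the pointer instead of calling into real native code.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

// Added illustration of the bug pattern (hypothetical names, not a real Android class).
public class NativeHandleDemo {

    // Stand-in for a JNI binding. In a real system this would be a native method
    // that passes the value straight to something like free() or X509_free().
    static String lastFreedPointer = null;
    static void nativeFree(long ptr) {
        // Simulated: an attacker-controlled value here means an attacker-controlled
        // pointer reaching native code in the victim process.
        lastFreedPointer = Long.toHexString(ptr);
    }

    // VULNERABLE: mContext is serialized as a plain long, so a crafted stream
    // sets it to any value, and finalize() hands that value to native code.
    static class VulnerableWrapper implements Serializable {
        private static final long serialVersionUID = 1L;
        long mContext;                 // raw native handle, NOT transient
        VulnerableWrapper(long ctx) { mContext = ctx; }
        @Override protected void finalize() { nativeFree(mContext); }
    }

    // HARDENED: the handle never travels in the stream and is never trusted
    // after deserialization, so a crafted object frees nothing.
    static class HardenedWrapper implements Serializable {
        private static final long serialVersionUID = 1L;
        transient long mContext;       // transient: always 0 after deserialization
        HardenedWrapper(long ctx) { mContext = ctx; }
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            mContext = 0;              // make the "no native handle from the wire" invariant explicit
        }
        @Override protected void finalize() { if (mContext != 0) nativeFree(mContext); }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(o); }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Attacker side: build an object whose native handle is attacker-chosen (constructed value).
        byte[] payload = serialize(new VulnerableWrapper(0x41414141L));

        // Victim side: deserializing restores the attacker-chosen pointer; we call
        // finalize() directly to stand in for what the garbage collector would do.
        VulnerableWrapper v = (VulnerableWrapper) deserialize(payload);
        v.finalize();
        System.out.println("vulnerable: native code received pointer 0x" + lastFreedPointer);

        // Same payload shape against the hardened class: the handle is dropped on the wire.
        lastFreedPointer = null;
        HardenedWrapper h = (HardenedWrapper) deserialize(serialize(new HardenedWrapper(0x41414141L)));
        h.finalize();
        System.out.println("hardened: native code received " + lastFreedPointer);
    }
}
```

Compile and run with `javac NativeHandleDemo.java && java NativeHandleDemo`. The point to check in any `Serializable` class that wraps native state is the same as in the toy: a field that native code dereferences must be `transient`, and `readObject` must rebuild or zero it rather than trust whatever arrived in the stream.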

Google has provided patches that address the vulnerability, but their way to end users' devices will be slow and laborious, since device manufacturers sit in between.

As mobile addiction continues to rise, we pay less and less attention to the legitimacy of the apps we install, relying fully on the "I need an app for this, now" impulse. The latest discoveries in terms of vulnerabilities and exploits, plus unfortunate examples of personal data leakage, reinforce the need for greater awareness among consumers.

To play it safe, we at Avira highly recommend using an advanced mobile security solution such as Avira Antivirus Security, and downloading applications only from trusted sources.


I am a natural-born tech geek, passionately curious about how technology can be enabled to make people's lives better.