In this digital era, where our convenience is increasing daily, the risk of digital vulnerabilities is also expanding. Recently, a dangerous malware application has been found on devices booted with the Android operating system. This malware application leads to major security leaks through various entrusted devices manufactured by Samsung and other OEMs. This issue has been disclosed by the Android Partner Vulnerability Initiative (APVI) of Google.
The main trouble is the platform signing key of many Android OEMs has been leaked outside, which is used to ensure the validity of the version of Android on which the device is running. The same key could also be used to sign different individual applications. As the key has been leaked and got the hold of the malicious attacker, he could give malware full, system-level permission on the affected device by using those. Consequently, he will access the whole data available in the affected device.
Notably, those threats don’t appear with the installation of the new or unknown application but can be delivered through any trusted and pre-installed application with the platform signing keys. While the attacker is adding malware to any application, Android OS will take it as an update because of the trustworthy signing keys. It can affect a trusted app such as Bixby, even if it is installed through the Google Play Store or Galaxy Store. Therefore, it will be hard to determine which application is actually affected by the malware vulnerability.
However, as mentioned above, Samsung is not the only manufacturer whose devices are being affected; other manufacturers, such as LG, are also included in this list because their keys have been leaked. Besides the smartphone manufacturers, MediaTek, which is a semiconductor manufacturing company, is also present in the list of OEMs whose keys are now under attacker’s hold. Other affected manufacturer’s names are listed below-
- Samsung
- LG
- Mediatek
- Szroco
- Revoview
To reduce the threat of this malware vulnerability, affected companies should change their Android platform signing keys and avoid using the affected one, as Google’s brief explainer suggested. Google also urged Android manufacturers to decrease the use of these keys, and they can be used to sign in to the neediest applications that demand the highest level of security. By doing these things regularly, we can also minimize possible future leaks.
Albeit, Google clarified that devices are protected from this particular malware threat in various ways, like Google Play Protect, mitigation, and more. It has also been seen that this exploit is unable to make its way into the applications distributed through Google Play Store. Even then, to avoid this kind of threat, we are recommending you stop sideloading applications on your device, even if you are updating an already available device. And if you do so, be sure that you trust the respective file completely.
Another way to reduce the menace is to keep your device secured and up to date and ensure that your device has the latest firmware update. If your device is not on the list of devices that tend to receive regular updates, it will be better if you upgrade/change the device to avoid security threats.