Malicious Android app Sneaks Past Permissions!
Researches were able to extract device’s data through remote access!
Researchers have built an Android app that sails right past the smartphone software’s permissions protocol and could enable a hacker to install and run corrupt code on a target’s mobile device.
The proof-of-concept app, as described in a blog post by the security firm ViaForensics called “No-permission Android App Remote Shell,” gives its creators remote access to an infected Android device. The app exploits Android’s permissions system, which is designed to put security in the hands of customers by giving them explicit control over what capabilities each app can perform.
This is yet another blow to Google’s massively popular but vulnerable smartphone operating system, which has been hit with a multitude of malware attacks in the past few months.
The ViaForensics app, as shown in a video on the company’s website, gave researchers the ability to extract data about the target device and read data form the SD Card and send it back to its server.
Thomas Cannon, director of research and development at ViaForensics, wrote that the functionality the app exploits is not new, and has “been quietly pointed out for a number of years.” Read More: http://www.msnbc.msn.com/id/45755384/ns/technology_and_science-security/t/malicious-android-app-sneaks-past-permissions/#.TvMBg7KaDIU