Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Upgrading Your Android, Elevating My Malware - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Upgrading Your Android, Elevating My Malware

A new study[1][2] by Indiana University Bloomington show that updating any Android device can allow an attacker to escalate apps privileges.

The researchers have discovered a new type of vulnerability called Pileup flaws, the vulnerability exist in the Package Management Service.

When a new app installed on old version of Android request a permission for features that don’t exist on that version of Android, however when the user upgrade to the new version, Android keeps all the permissions which mean that they will work in the new version of Android.

 

The researchers have developed a detection service, called SecUp, which deploys a scanner on the user’s device to capture the malicious apps designed to exploit Pileup vulnerability.

Like many other threats, the best mitigation is installing trusted software only.

 

 

 



[1] http://www.informatics.indiana.edu/xw7/papers/privilegescalationthroughandroidupdating.pdf

 

[2] http://www.scmagazine.com/pileup-flaws-enable-privilege-escalation-during-android-updates-researchers-find/article/339854/

Basil

56 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!