More

    Samsung devices vulnerable to malware apps due to security leak

    Millions of Android devices, including Samsung, appear to have been left vulnerable by a major security leak. This isn’t as much a vulnerability as it is an actual leak of a critical component used by device manufacturers who rely on Android OS.

    More specifically, Android OEMs, including LG, Samsung, and others, have had their platform signing keys leaked. A signing key ensures that the version of Android on a device is legitimate. In addition, the signing key can be used by individual apps, meaning that Android will trust any app that shares the same signing key as the operating system. (via @maldr0id / 9to5Google)

    In theory, this can allow a malicious party to attach malware to a trusted app and go unnoticed. It wouldn’t matter if a new app version contains malware. As long as the app is signed using the same key as the OS, it would be considered a trusted update, regardless of whether it came from the Galaxy Store, the Play Store, or other sources. That is, in theory. Google claims that no such vulnerable apps have made it onto the Play Store, which is good news.

    Samsung already took measures to minimize risks

    Aside from Samsung, other mobile brands affected by this security leak are LG, MediaTek, szroco, Revoview, and there may be others.

    The issue was originally reported in May 2022, and thankfully, Google says that Samsung (and other manufacturers) have “taken remediation measures to minimize the user impact.” The statement is a bit fuzzy, and it’s unclear which apps are still vulnerable to this security issue or to what extent. But measures were set in place to minimize the risk of getting malware. And thankfully, Google also said that the exploit hasn’t been found in any apps available through the Play Store, and ensured that Play Protect offers a layer of security against these vulnerabilities.

    The post Samsung devices vulnerable to malware apps due to security leak appeared first on SamMobile.

    This content was originally published here.

    Latest articles

    spot_imgspot_img

    Related articles

    Leave a reply

    Please enter your comment!
    Please enter your name here

    spot_imgspot_img