Android "Fake ID" Vulnerability Allows Malware to Impersonate Trusted Apps
Jul 30, 2014
Due to the majority in the mobile platform, Google's Android operating system has been a prior target for cybercriminals and a recently exposed weakness in the way the operating system handles certificate validation, left millions of Android devices open to attack. Researchers at BlueBox security , who identified the vulnerability, dubbed the flaw as Fake ID , which affects all versions of Android operating system from 2.1 ( released in 2010 ) up to Android 4.4, also known as KitKat . ALL VERSIONS ARE VULNERABLE UPTO KITKAT Researchers marked the vulnerability as critical because it could allow a fake and malicious app to masquerade as a legitimate and trusted application, enabling an attacker to perform various actions such as inserting malicious code into a legitimate app, infiltrating your personal information or even take complete control of an affected device. Specifically, devices running the 3LM administration extension are at risk for a complete compromise, whic...
