Sun 05 May 2024:
Users of Android should be on the lookout for undetectable attacks that could empty their accounts without their knowledge.
Recent findings by Microsoft researchers reveal a significant vulnerability in Android apps, making them susceptible to various forms of attacks, including data theft and malware infiltration.
Reportedly, these security weaknesses have been detected in several widely-used Android apps, collectively downloaded over 500 million times. However, the specific names of these apps have not been disclosed.
Known as “Dirty Stream”, these malicious apps send a file with a manipulated filename or path to another app.
This provides the attackers an opportunity to create a fake app that can send a file with a malicious filename directly to a receiving app without the user’s approval or knowledge.
Common targets for these malicious file transfers include email clients, messaging platforms, social media apps, web browsers, and file editing tools.
As per Microsoft, “When a share target receives a malicious filename, it uses the filename to trigger a process that could end with the app getting compromised.”
In some cases, an attacker may be able to persuade a receiving app to exchange authentication tokens and other data with a server under their control by using a malicious app to rewrite the app’s settings.
Microsoft officials have also informed Google’s android security team of the impending problem.
SOURCE: INDEPENDENT PRESS AND NEWS AGENCIES
______________________________________________________________
FOLLOW INDEPENDENT PRESS:
WhatsApp CHANNEL
https://whatsapp.com/channel/0029VaAtNxX8fewmiFmN7N22
TWITTER (CLICK HERE)
https://twitter.com/IpIndependent
FACEBOOK (CLICK HERE)
https://web.facebook.com/ipindependent
YOUTUBE (CLICK HERE)
https://www.youtube.com/@ipindependent
Think your friends would be interested? Share this story!