Android security breach leaves users vulnerable

By Aileen Graef   |   March 25, 2015 at 4:48 PM
share with facebook
share with twitter
| License Photo

CUPERTINO, Calif., March 25 (UPI) -- The Android operating system has been affected by a bug downloaded through apps that can gather users' sensitive information.

Palo Alto Networks detected the breach and notified Google and Samsung so they may warn customers and remedy the problem.

The bug is called the "Android Installer Hijacking" where an app downloaded to a device is replaced by an app with malicious software that copies sensitive information kept on the phone. The apps are in question are not, however, from the Google play store but from third-party distributors such as the Amazon store.

"The danger is that this vulnerability allows all privileges to be installed regardless of what permissions users were told about," Ryan Olson, director of Palo Alto Networks' Unit 42 Intelligence Lab, told the Christian Science Monitor.

The bug can affect users of Android with versions 4.4 or earlier. Palo Alto Networks has developed an app for Android users to scan their phone for the malicious software.

Related UPI Stories
Topics: Google, Palo Alto
Trending Stories