The latest Android security vulnerability, dubbed Janus, uncovered malicious actors that can bypass app signatures and inject malicious code into Android apps. Plus, malware-infested mobile apps again are on the rise.
GuardSquare security researchers discovered the vulnerability (CVE-2017-13156), which put millions of Android devices in danger, last summer and reported it to Google, which patched the hole among four dozen vulnerabilities as part of its December Android Security Bulletin.
“This vulnerability is significantly different as it would allow an attacker to augment or inject code into an application on a non-rooted device without disrupting the application's signature. For example, this could mean changing the behavior of a banking app to exfiltrate credentials,” mobile app security expert, Rusty Carter, VP of product management at San Francisco-based application protection solution firm Arxan, said.
Continue Reading for Free
Register and gain access to:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.