- Small Business Trends - http://smallbiztrends.com -
Research: Malicious Apps Can Crash Android Phones, Cause Data Loss
Posted By Joshua Sophy On March 28, 2014 @ 3:30 pm In Technology Trends | 5 Comments
What if someone deleted all the data on your smartphone?
If you have an Android phone, that may be more of a reality than just a rhetorical question.
In fact, recent research suggests there may be some serious vulnerabilities in the Android operating system. Tests of these vulnerabilities revealed phones with Android operating systems could be put into an endless loop of system crashes. Researchers speculate it could also culminate in all the data on your phone being erased.
According to researchers, attacks can be launched from seemingly innocent apps on the Google Play Store. It is not clear whether any current attacks of this kind are underway, however. Hackers could simply use a hidden file triggered after a certain amount of time or as soon as the smartphone is powered on. The file could cause a denial-of-service (DOS) attack which would make the operating system permanently unavailable.
On TrendMicro’s Security Intelligence Blog, mobile threat analyst Veo Zhang explains :
“We believe that this vulnerability may be used by cybercriminals to do some substantial damage on Android smartphones and tablets. The device is stuck in an endless reboot loop, or a bootloop. This can render the device unusable, which some may consider “bricking” it.”
If this happens on your smartphone and these hidden files are launched, one of two scenarios can happen, based on the research conducted:
Devices running Androids 2.3, 4.2.2, and 4.3 are known to be vulnerable to the attack, ArsTechnica reports .
But what’s worse, Bouncer, the cloud-based scanner Google uses to detect suspicious apps in the Google Play store is also vulnerable to the attack. Researcher and hacker Ibrahim Balic reports  on his blog he was also able to create a denial of service on Google Play. He said he did this simply by uploading an app with the appropriate trigger file to the site.
Phone Crashed  Photo via Shutterstock
Article printed from Small Business Trends: http://smallbiztrends.com
URL to article: http://smallbiztrends.com/2014/03/research-malicious-apps-denial-of-service.html
URLs in this post:
 explains: http://blog.trendmicro.com/trendlabs-security-intelligence/new-android-bug-causes-bricked-devices/?
 ArsTechnica reports: http://arstechnica.com/security/2014/03/malicious-apps-can-brick-android-phones-erase-data-researchers-warn/
 reports: http://ibrahimbalic.com/2014/android-vulnerability-affected-google-play-bouncer-emulator/
 Phone Crashed: http://www.shutterstock.com/pic-181562732/stock-photo-confused-looking-indian-business-male-on-a-smartphone-with-office-background.html