EXECUTIVE SUMMARY:

Security experts used to say that apps with hundreds of millions of downloads were a pretty safe bet. You could download them onto your phone without much worry.

However, recent research shows that 14 Android apps with hundreds of millions of downloads are vulnerable to attacks. If these attacks are successful, hackers could retrieve users’ personal login information, private messages, and other sensitive details.

How does this work? The attacks could be conducted through a certain piece of code that exists in a lot of popular apps.

The technical perspective:

The vulnerability was originally observed in late August and labeled CVE-2020-8913. It allows for Local-Code-Execution (LCE), meaning that an attacker can execute arbitrary commands or code, within applications that retain a vulnerable version of the Google Play Core Library. The Google Play Core Library functions as the app’s runtime interface with the Google Play Store.

If the bug has been fixed, why is it still a problem?

In April, Google reported that it had resolved the bug. However, in order for vulnerable apps to be secure, the apps’ developers need to obtain the updated library code and to then incorporate it into their apps. Security researchers say that a significant number of developers are still relying on the vulnerable version of the Google Play Core Library.
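For development teams, one way to check whether a project still pins an old copy of the library is to audit its Gradle build files. The script below is an added example, not code from Google or the researchers. The Maven coordinate `com.google.android.play:core`, the function names, and the sample build file are assumptions or constructed for illustration. This article does not state the first patched release, so the caller passes it in from Google's advisory.

```python
import re

# Maven coordinate of the Play Core Library (assumption: not given in the article).
PLAY_CORE = "com.google.android.play:core"
# 'group:artifact:version' strings in Groovy or Kotlin DSL dependency lines.
DEP_RE = re.compile(r"""["'](?P<coord>[\w.\-]+:[\w.\-]+):(?P<ver>[^"'@]+)["'@]""")

# Constructed sample build file; the version numbers are illustrative only.
SAMPLE = """dependencies {
    implementation 'androidx.core:core:1.3.2'
    implementation 'com.google.android.play:core:1.4.0'
    implementation("com.google.android.play:core:$playCoreVersion")
    // implementation 'com.google.android.play:core:0.1.0'
}"""

def parse_version(text):
    """Tuple of ints for a plain dotted version, else None
    (dynamic versions such as '1.+' or variables such as '$playCoreVersion')."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))

def audit(gradle_text, fixed_version):
    """Return (line number, declared version, status) per Play Core dependency.
    Status is 'outdated', 'ok', or 'unresolved' (needs a manual look)."""
    fixed = parse_version(fixed_version)
    if fixed is None:
        raise ValueError("fixed_version must be a plain dotted version")
    findings = []
    for lineno, line in enumerate(gradle_text.splitlines(), 1):
        code = line.split("//", 1)[0]  # skip commented-out dependencies
        for match in DEP_RE.finditer(code):
            if match.group("coord") != PLAY_CORE:
                continue
            declared = parse_version(match.group("ver"))
            if declared is None:
                status = "unresolved"
            else:
                # Pad with zeros so that 1.4 and 1.4.0 compare as equal.
                width = max(len(declared), len(fixed))
                a = declared + (0,) * (width - len(declared))
                b = fixed + (0,) * (width - len(fixed))
                status = "outdated" if a < b else "ok"
            findings.append((lineno, match.group("ver"), status))
    return findings

if __name__ == "__main__":
    # "2.0.0" is a placeholder threshold, not the real patched release.
    for finding in audit(SAMPLE, "2.0.0"):
        print(finding)
```

Entries reported as `unresolved` get their version from a variable or a dynamic range, so the resolved dependency tree has to be checked instead.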

How to protect your device:

Ensure that your device and the devices belonging to your employees have a strong mobile threat defense solution installed. Take a comprehensive approach to Mobile Device Management (MDM). You’ll want a solution with a wide range of capabilities.

For more on how Android apps could be exploited, visit NewsBreezer.