Upgrading Your Android, Elevating My Malware: Privilege Escalation Through Mobile OS Updating - BestCyberNews: Online News Presenter in the present world


Android is a fast-evolving system, with new updates coming out one after another. These updates often completely overhaul a running system, replacing and adding tens of thousands of files across Android’s complex architecture, in the presence of critical user data and applications.

Researchers from Indiana University and Microsoft have released a paper titled "Upgrading Your Android, Elevating My Malware: Privilege Escalation Through Mobile OS Updating."

To avoid accidental damage to such data and existing apps, the upgrade process involves complicated program logic, whose security implications, however, are less well known.

In the paper, they report the first systematic study of the Android updating mechanism, focusing on its Package Management Service (PMS).

The research brought to light a new type of security-critical vulnerability, called Pileup flaws, through which a malicious app can strategically declare a set of privileges and attributes on a low-version operating system (OS) and wait until it is upgraded to escalate its privileges on the new system.

Specifically, the researchers found that by exploiting the Pileup vulnerabilities, the app can not only acquire a set of newly added system and signature permissions but also determine their settings. It can further substitute for new system apps, contaminate their data to steal sensitive user information or change security configurations, and prevent installation of critical system services.

They systematically analyzed the source code of PMS using a program verification tool and confirmed the presence of those security flaws on all official Android versions and over 3,000 customized versions.

Researchers also identified hundreds of exploit opportunities the adversary can leverage over thousands of devices across different device manufacturers, carriers and countries.

To mitigate this threat without endangering user data and apps during an upgrade, they also developed a new detection service, called SecUP, which deploys a scanner on the user’s device to capture the malicious apps designed to exploit Pileup vulnerabilities, based upon the vulnerability-related information automatically collected from newly released Android OS images.
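The kind of check such a scanner performs can be illustrated as follows. This is an added example, not SecUP's code or the paper's: it assumes decoded manifest XML and a constructed inventory of the permissions and packages each OS image defines, with placeholder names throughout.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
PRIVILEGED = {"signature", "signatureOrSystem"}

# Constructed inventories (placeholder names): what each OS image defines.
CURRENT_OS = {"permissions": {"android.permission.INTERNET": "normal"},
              "packages": {"com.android.settings"}}
NEW_OS = {"permissions": {"android.permission.INTERNET": "normal",
                          "com.example.newos.permission.VAULT": "signature"},
          "packages": {"com.android.settings", "com.example.newos.vault"}}

# Constructed manifest of an app installed on the current (old) OS.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.newos.vault">
  <permission android:name="com.example.newos.permission.VAULT"
              android:protectionLevel="normal"/>
  <uses-permission android:name="com.example.newos.permission.VAULT"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

def upgrade_delta(current, new):
    """Permissions and package names that first appear in the new image."""
    perms = {n: lvl for n, lvl in new["permissions"].items()
             if n not in current["permissions"]}
    return perms, new["packages"] - current["packages"]

def scan_manifest(manifest_xml, current, new):
    """Return findings for names the app claims ahead of the upgrade."""
    new_perms, new_pkgs = upgrade_delta(current, new)
    root = ET.fromstring(manifest_xml)
    findings = []
    if root.get("package") in new_pkgs:
        findings.append(("claims-new-system-package", root.get("package")))
    for el in root.iter("permission"):
        name = el.get(ANDROID + "name")
        if name in new_perms:  # app pre-defines a permission the new OS adds
            level = el.get(ANDROID + "protectionLevel", "normal")
            findings.append(("defines-new-permission", name,
                             f"app={level} os={new_perms[name]}"))
    for el in root.iter("uses-permission"):
        name = el.get(ANDROID + "name")
        if new_perms.get(name, "").split("|")[0] in PRIVILEGED:
            findings.append(("requests-new-privileged-permission", name))
    return findings

if __name__ == "__main__":
    for finding in scan_manifest(SAMPLE_MANIFEST, CURRENT_OS, NEW_OS):
        print(finding)
```

Names that already exist on the current OS, such as the INTERNET permission in the sample, are not flagged; only names that come into existence with the upgrade count.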



Author: Venkatesh Yalagandula
