Search icon
Sign In
X
PreviousPrevious
HomeTechnology

Android security scare: Lakhs of Samsung, LG smartphones exposed to malware risk

The security scare deals with the application signing process which secures devices running on Android Operating System during updates.

Reported By:DNA Web Team| Edited By: DNA Web Team |Source: DNA webdesk |Updated: Dec 04, 2022, 07:17 AM IST

Android security scare: Lakhs of Samsung, LG smartphones exposed to malware risk
Photo: Pexels | Representational

Tens of lakhs of smartphones could be at risk of a malware attack due to a major Android leak. The security issue has been reported for devices by Samsung and LG but is not limited to them and could be a threat for other smartphones that run on MediaTek chips. 

The security scare deals with the Android application signing process which secures devices running on Android Operating System during updates. The signing process is crucial for the safety of smartphones as it verifies the authenticity of software updates that come to devices. This process is a way to differentiate between legitimate and illegitimate app developers. Each app developer has a special sign-in key as an extra security cover which is confidential. 

Issue flagged with the signing process

The security issue was reportedly highlighted by a Google employee called Łukasz Siewierski who highlighted that the security certificates belonging to many Android OEMs (Original Equipment Manufacturers) have been leaked on the internet. 

The security certificates leaked would leave the sign-in keys of affected developers exposed to hacking risk. Cyber attackers could use these to infiltrate the impacted smartphones with malware attacks. 

The biggest concern is that this Android sign-in key comes with the highest OS privileges. What this means is that hackers can bypass Google, the smartphone maker and the app developer without them getting knowledge of the attack. It is to be noted that such devices are at risk of malware attack when downloading updates from a third-party source instead of the Android app store.

Solution to malware exposure

The device makers impacted by the leak have already been notified by the Android Security Team. These brands have now been told to replace the current public and private keys with new ones to “rotate the platform certificate”. An internal investigation to understand the underlying issue has also been suggested. 

Samsung is reportedly aware of the security issue and has been issuing security patches in connection to it. There have been “no known security incidents” due to this “potential vulnerability”, Samsung was quoted as saying.

READ | Google Chrome, Firefox, Microsoft Defender hit by new commercial spyware

TRENDING NEWS TOPICS
More
Popular Stories
More
Most Viewed
More
Shah Rukh khan birthday: 5 expensive things Pathaan star king khan owns
Diwali 2022: This festive season, get blinged up using these Bollywood inspired looks
Diwali 2022: Ayushmann Khurrana, RajKumar Rao, Varun Dhawan, Daisy Shah, others slay in ethnic wear
Beetroot: 5 amazing health benefits of beetroot for a good skin, hair and blood
Are you planning a winter trip? Here are 5 mesmerising places to explore
Speed Reads
More
First-image
Wordle 533 answer for today: Here is the Wordle answer for December 4
top-stories
top-stories
top-stories
top-stories
Most Watched
More
DNA Originals
More

Partner site: Zee News ©1998-2022 Diligent Media Corporation Limited, All Rights Reserved.