“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps


Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory.

The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application’s implementation. Arbitrary code execution can provide a threat actor with full control over an application’s behavior. Meanwhile, token theft can provide a threat actor with access to the user’s accounts and sensitive data.

Read more…
Source: Microsoft


Sign up for our Newsletter


Related:

  • Two botnets are fighting over control of thousands of unsecured Android devices

    November 2, 2018

    Two botnet gangs are fighting to take control over as many unsecured Android devices as they can to use their resources and mine cryptocurrency behind owners’ backs. The turf war between these two botnets –one named Fbot and the other named Trinity– has been going on for at least a month if we’re to combine the ...

  • ‘Domestic Kitten’ Mobile Spyware Campaign Aims at Iranian Targets

    September 7, 2018

    Spreading via fake Android apps, the malware lifts a range of sensitive information from victims’ devices. A mobile spyware campaign against mainly Iranian citizens has been spotted – with evidence that the Iranian government might be involved. The operation is dubbed Domestic Kitten by Check Point researchers — “kitten” to follow common APT nomenclature for Iranian groups ...

  • EU fines Google $5 billion over Android antitrust abuse

    July 18, 2018

    European Union regulators have slapped Alphabet-owned Google with a record 4.34 billion euro ($5 billion) antitrust fine for abusing the dominance of its Android mobile operating system, which is by far the most popular smartphone OS in the world. Google said in a statement that it would appeal the ruling, arguing against the EU’s view that its software is restrictive of fair competition. European ...

  • RAMpage Attack Explained – Exploiting RowHammer On Android Again!

    June 29, 2018

    A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage, the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim’s device to take advantage from the previously ...

  • DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide

    May 21, 2018

    Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. Read more… Source: The ...

  • GLitch: New ‘Rowhammer’ Attack Can Remotely Hijack Android Phones

    May 3, 2018

    For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch, the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones. Rowhammer is a problem ...