Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Android

+ - New Android Malware Attacks Custom ROMs->

Submitted by
drmacinyasha
drmacinyasha writes "Today Lookout disclosed a new form of Android malware found in Chinese markets which attacks third-party firmwares (ROMs). By using permissions granted to apps which are signed with the same private keys as the ROM itself, an app can update itself or install and uninstall other apps without user interaction. Most third-party ROMs use the private keys included in the Android Open Source Project, making them vulnerable to this attack. Last month's release of CyanogenMod 7.0.3 (and all subsequent builds) included an "important security fix" which a team member confirmed protects users against this vulnerability by preventing applications signed with the platform key to be installed to user or app-controlled storage."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

New Android Malware Attacks Custom ROMs

Comments Filter:

Make it right before you make it faster.

Working...