Stories
Slash Boxes
Comments

SoylentNews is people

In a First, Android Apps Abuse Serious “Dirty Cow” Bug to Backdoor Phones

posted by Fnord666 on Monday October 02 2017, @11:29AM   Printer-friendly
from the ground-beef dept.

MrPlow writes:

Submitted via IRC for SoyCow5743

A serious vulnerability that remains unfixed in many Android devices is under active exploit, marking the first known time real-world attackers have used it to bypass key security protections built in to the mobile operating system.

Dirty Cow, as the vulnerability has been dubbed, came to light last October after lurking in the kernel of the Linux operating system for nine years. While it amounts to a mere privilege-escalation bug—as opposed to a more critical code-execution flaw—several characteristics make it particularly potent. For one, the vulnerability is located in a part of the Linux kernel that's almost universally available. And for another, reliable exploits are relatively easy to develop.

By the time it was disclosed, it was already under active exploit on Linux servers. Within days of its disclosure, researchers and hobbyists were using the vulnerability, indexed as CVE-2016-5195, to root Android phones.

Now, more than 1,200 apps available in third-party marketplaces are exploiting Dirty Cow as part of a scam that uses text-based payment services to make fraudulent charges to the phone owner, researchers from antivirus provider Trend Micro reported on Monday.

Source: https://arstechnica.com/information-technology/2017/09/in-a-first-android-apps-abuse-serious-dirty-cow-bug-to-backdoor-phones/

Original Submission

 
This discussion has been archived. No new comments can be posted.
In a First, Android Apps Abuse Serious “Dirty Cow” Bug to Backdoor Phones | Log In/Create an Account | Top | 14 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by urza9814 on Tuesday October 03 2017, @01:47PM

    by urza9814 (3954) on Tuesday October 03 2017, @01:47PM (#576578) Journal

    My previous phone was a Samsung Galaxy S5. I liked it until the installed bloatware was so bad that I couldn't do OS updates any more. I had removed everything that I was willing to remove. That's another thing about Google's phones -- no preinstalled non-removable bloatware. Just bare bones apps like a browser, phone dialer, etc. No assumption that you want, for example, FaceTwit. If I wanted to install FaceTwit, I know how to find it in the Play store.

    Except Google Maps, Google Mail, and all of the other Google spyware. Of course they don't want third-party spyware preinstalled - it would reduce the value of the data that they collect about you if anyone could collect it.

    This is exactly why I run LineageOS on my Galaxy S5. It's an excellent phone and even better software.

    The only Google app I have is the play store, and even that is optional.

    I've got a few uninstalled updates available actually as I haven't updated in several months -- the last one was released six days ago -- but I'm running Android 7.1.2 already with security patches up to June 2017...so I'm safe from this one at least. And Google only patches for 3 years -- the S5 is older than that already, so if this was a Google device it wouldn't be getting updates anymore. But I expect I'll still be getting updates for years to come, long after I eventually decide to upgrade the hardware. Not that I see any need to right now; this thing can easily handle everything I throw at it.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2