News

A new leak of brand certificates give malware a free hand on Android

by Efe Udin 03/12/2022 05:34 Last updated 25/02/2023 16:48

0 Comments

Google's Android system has its pros and cons. One of its cons is that it is susceptible to malicious attacks due to its "open nature". Presently, Google and its Android device partners have a serious problem. Hackers or other malicious forces have published the certificates of various hardware brands. This creates a massive security risk. Google employee and security expert Lukasz Siewierski and his team came across cases in which the platform certificates of certain devices or hardware brands had been made public. These brand certificates are typically used to sign Android system apps provided by OEMs and their hardware suppliers to prove their authenticity and that they are not malware. Thus, if these certs are in the public, any malware can appear as authentic.

Brand certificates from Samsung, LG & MediaTek are in circulation

Brand certificates from the two South Korean companies, Samsung and LG are alleged to be in circulation. There are also claims that the certificate of MediaTek is also in the public. Siewierski and his team claim to have already discovered some of the first malware apps that were signed with official brand certificates. These apps are already on the internet. In theory, brand certificates give malware vendors the ability to disguise their malware apps as official system apps.

Google dismisses report

In an official statement, Google had a swift response to the claims. The company claims that there are measures in place to tackle such issues. It is unclear how large the number of devices at risk is. But if this is true, it is likely to run into billions. However, Google as the driving force behind Android claims that most Android users should already be protected.

So far, there have been no cases in which malware signed with one of the leaked platform certificates has made it into the official Play Store. In addition, the Group's systems recognize and filter the relevant malware across the board. However, it should be different if you sideload apps from unknown sources onto your device, since there is no security check in this case.