It turned out that the firewall can be circumvented by making infected applications look like system applications. Because of this method, many smartphones can be in danger.
As smartphones and computers evolve, the security measures needed to protect devices are also increasing. Although manufacturers constantly try to protect devices with new updates, hackers are also constantly looking for new vulnerabilities.
If you remember, a critical security vulnerability was found in Windows 10 and 11 in recent weeks. Today, it has been revealed that a significant security vulnerability has been identified that could compromise almost all Android devices.
All applications containing viruses can be signed as secure
With an update that came to the Google Play Store last year, December periodically scans the applications that you installed on your phone and notifies users when it detects an application that could damage your phone. Samsung’s security application and Xiaomi’s security application were also making a similar system. These systems usually checked the signatures of application packages (APK) and compared them with the signatures of malicious applications recorded in many cybersecurity systems, especially Google.
However, according to information uncovered by Google’s malware engineer Lukasz Siewierski, hackers can sign this malicious software like another application or a system application and bypass the firewall thanks to several platforms. Even worse, there may be real system applications that have viruses embedded in these applications.
In order to test the updates coming to the applications, users usually prefer to download the beta version of the application from the platforms on the Internet. Some users prefer legal websites supported by Google, such as APKMirror, while some users download the application from the first website they see. If you are jumping to the first site you see or constantly downloading modal applications, you may have infected your phone with this method.
The risk of manufacturers such as Samsung and Xiaomi is greater
In order for this method to work, hackers need the platform key of the applications. Usually, the application program to an old version of Google’s leaked hacking keys or APKMirror rivals like Samsung and Xiaomi recently though according to a statement by the firms that produce many of the current applications of the Google application keys were stolen.
In the research carried out, viruses in applications with old keys can be detected by the firewalls of devices, while malware with up-to-date keys, unfortunately, cannot be detected.
If you think you are affected by this method, which has been revealed to be used in November, the only thing you can do is to format your phone as soon as possible.
