Find a Question:
Bug in Android allows attackers steal authentication data
According to security researchers, there is a bug in keystore, the share of Android which authentication data such as cryptographic keys, pin and unlock patterns are stored. Attackers, these data can identify and exploit.
The study was published by security researchers from IBM. Due to a bug in Androids keystore attackers can retrieve authentication data through a stack buffer overflow. On their website , the researchers explain in detail how the bug can be abused.
According to the discoverers is delayed publication until Google has been repaired, which has already been the case the bug. With the release of Android KitKat, 4.4.x version numbers, the bug would cease to abuse, but many users still have an older version of the mobile operating system. This are many Android devices susceptible.
Attackers could receive for services used. Conscious Android device by exploiting the bug authentication data in the hands Hackers could, for example authentication data for payment services and banks can get hold of. However, they shall install malware on a vulnerable device: it is necessary to perform in order to exploit the bug in code yourself. It is not clear whether abuse of vulnerability in keystore.Viewing:-228
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!