Newly Found Android Vulnerability Allows Hackers To Install Malicious Apps

According to AVG, all versions of Android older than Android 4.2 have a vulnerability which a hacker can make use of to install malicious applications, send SMSs and more. This specific android vulnerability uses a property called WebView in Android which allows users to view web applications of web-pages as apart of the Android application itself.

The users can infect their smartphone unknowingly by clicking on a link from an unsafe application or an application which is crafted for this sole purpose. The WebView will have some click-able link which then will try to run a malicious javascript code. This javascript code can do so much more that you might think.

Users can be infected when they click on a URL link using a vulnerable application that allows opening a Java enabled browser or web page. The device will automatically perform the malicious actions that were ordered in the malicious web page that contain those JavaScript commands. The commands in the JavaScript code can enable attackers to install malicious software, send SMSs, steal personal information and more. – The AVG Blog post says.

As users you should never trust a third party application from third party markets. And once the android 4.2 update is available for you, update your device asap.

Last Updated on