A GLITCH in the security makeup of the Android operating system could potentially allow hackers to turn devices into a ‘malicious Trojan’, according to CTO of BlueBox Security Jeff Forristal.
In a blog posted on the firm’s site, Mr Forristal suggests there is a sizeable hole in the fabric of Android security that could leave 99 per cent of devices vulnerable to attacks, which would turn the phone’s applications into viruses unable to be detected by the user, phone or the app store.
The hole could affect as many as 900 million devices worldwide running Android 1.6, and the implications are ‘massive’ according to the company.
Mr Forristal described the potential dangers, saying that installing a Trojan virus could grant the application full access to the Android system and all the installed applications.
The infected application would then have access to the device’s emails, text messages and documents, as well as being able to retrieve passwords and ultimately take control of the phone and make ‘arbitrary phone calls, send arbitrary SMS messages, turn on the camera and record calls.”
Bluebox has reportedly known about the bug since February, when it ‘responsibly disclosed’ all the relevant information to Google.