Android ad library vulnerability puts millions of Android devices at risk


A popular ad library (third-party software included by host apps in order to display ads) has been found vulnerable, and its flaws can be used to conduct attacks against millions of Android users.
This library is included in popular apps on Google Play which have more than 200 million downloads in total.

According to a report by Net-Security, the vulnerability was not previously known to any anti-virus or security vendor.

The ad library, code-named “Vulna” (from “vulnerability”; its real name is hidden for now), presents critical security issues such as:

  • Aggressive behavior – if instructed by its server, it will collect sensitive information such as text messages, phone call history, and contacts. It also performs dangerous operations such as executing dynamically downloaded code.
  • Vulnerabilities – when exploited, these allow an attacker to use Vulna’s risky and aggressive functionality to conduct malicious activity, such as turning on the camera and taking pictures without the user’s knowledge, stealing two-factor authentication tokens sent via SMS, or turning the device into part of a botnet.

According to further analysis by the experts, an attacker could leverage these issues to perform malicious actions, for example:

  • steal two-factor authentication tokens sent via SMS
  • view photos and other files on the SD card
  • install icons used for phishing attacks on the home screen
  • delete files and destroy data on demand
  • impersonate the owner and send forged text messages to business partners
  • delete incoming text messages without the user’s notice
  • place phone calls
  • use the camera to take photos without the user’s notice
  • read bookmarks or change them to point to phishing sites.

The aggressive behavior and vulnerabilities of this ad library leave Android users, especially enterprise users, exposed to security threats.

For further information on this newly discovered mobile threat, found by FireEye, you may browse it by clicking on this link.

About Clifford Trigo

Hi there! I am Clifford Trigo from the island of Bohol. Come over here and let's have fun! :3 Just keep reading :D