According to Google, a commercial surveillance vendor was exploiting three zero-day security flaws in a few smartphones. The flaws in Samsung’s custom-built software have now been fixed.
These vulnerabilities, according to a blog post by Google Project Zero security researcher Maddie Stone, were used as part of an exploit chain to target Samsung smartphones running Android OS. These flaws allowed the attacker to gain read/write privileges, allowing him to access the phone’s data.
“The arbitrary file read and write vulnerability was the foundation of this chain, used four different times and at least once in each step,” Stone explained. According to the researcher, the exploits were found on Samsung smartphones equipped with Exynos chipsets and running kernel version 4.14.113. The Galaxy S10, Galaxy A50, and Galaxy A51 are among these devices.
The flaws were allegedly exploited by a malicious Android app that was installed from somewhere other than the Google Play Store. According to the researcher, an “in-the-wild sample obtained is a JNI native library file that would have been loaded as part of an app.”
While the vulnerability was first reported last week, an update on November 10 states that the malicious code may have accessed the phone’s data without the user’s permission. Users may have been duped into installing the malicious app from somewhere other than the app store.
The development comes at a time when multiple reports suggest that the Google Play Store contains malicious apps that use malware to steal users’ information in a variety of ways. These apps are usually categorised as fun, tools, or productivity.
How to Stay Safe From Malicious Apps
The first and most straightforward method for keeping your phone secure and your data private is to use Google Play Protect. It scans the apps on your phone for malicious behaviour. It is recommended that you install apps from reputable vendors from the Google Play Store. Third, you can install a trustworthy endpoint security app.