“A BUG THAT CRASHED GOOGLE MARKET CAN ALSO BRICK ANDROID DEVICES”. Few days ago we reported, there was a wide spread hue and cry over Google Playstore crash.
Actually, it was a result of the quasi-DDoS attack mounted on the PlayStore by Ibrahim Balic, a London based security researcher. He wanted to prove his concept before Google that by setting an application’s name parameter (app-name) greater than 387,000 characters, can successfully crash the Google Play Store.
He tested this against Google Bouncer, which render the Play Store inaccessible to hundreds of developers around the globe. Quite interestingly however, the same “Balic’s exploit” can also crash Android devices using Android 4 and onwards.
As highlighted by Trend Micro, a malformed .apk file, called “Memory Corruption Bug”, can force an Android device to crash. It can crash WindowsManager, PackageManager and ActivityManager.Therefore it can be a valuable tool for cyber criminals.
Trend Micro security analyst, Zhang suggests that if properly written, this bug apk file can launch an Android devices into “infinite loop on reboots.” Zhang believes that it is possible to bypass transaction buffer and upload such malicious file on Play Store in ADB (Android Debug Bridge) mode, which is widely used by the third-party applications developers nowadays.
Zhang further said that this valunerability can be exploited by cyber criminals, who use it to crash and brick Android devices as this bug can set android devices on infinite loop of reboot which can erase all the data on devices.
View full post on Who Got Hacked – Latest Hacking News and Security Updates