This critical vulnerability has been actively exploited since at least December 2014. Attackers can inject malicious code into legitimate Android or iOS devices, giving them the ability to take over the system and steal sensitive information.
Google and Apple have been notified about the issue, but have been slow to provide a resolution. To deal with the problem, both vendors have created policies that prohibit their partners from selling unverified devices.
Bypassing Device Management and Enrollment Policies.
To be more specific, Android device manufacturers and Apple suppliers must be enrolled in Google’s Device Enrollment Program to get their devices approved. For users, this requirement can be easily bypassed by purchasing unapproved devices from alternative suppliers.
Device management and enrollment policies are not the only ways to protect Android devices from spoofing. For example, users can activate the Verify Apps permission to ensure that all software installed on the device has been verified.
How to Protect Android and iOS Devices from Tampered Firmware
While Google and Apple have policies in place to prevent the proliferation of unverified devices, the policies are not always effective. For example, when Google launched its Verify Apps permission in Android 5.0 Lollipop, it did so for all devices running on Android 5.0 or higher. However, at least one popular device manufacturer implemented this feature on only some of its products. In consequence, users needed to manually download the Verify Apps from Google Store on their phone to ensure that they were protected from malicious firmware.
Another option for protecting against malicious firmware is by blocking the installation of apps from unknown sources. This can be done by following these steps:
1) From the Home screen, press Settings > Security > Device Administrators
2) Tap “Unknown Sources”
3) Turn off Unknown Sources
4) Press OK
Android Security Basics
Android devices are vulnerable to spoofing because of the way Android’s software is installed. When users purchase a new device, the vendor typically builds a customized version of Android that includes both applications and system settings. This customized software can be easily updated by users, which is why we need to take steps like activating the Verify Apps permission on our devices to ensure that all software installed has been verified by Google.
In addition, if you want to protect yourself from spoofing, you should activate the pattern lock feature on your device. This feature prevents someone from taking over your device without knowing the password or pattern lock PIN.
#1: Disabling screen locking can make it easier for attackers to take control of your device
#2: Pattern-based locks can be bypassed if attackers find a way to steal screen geometry data or know your PIN or password
Android Device Management and Enrollment Policies
To be more specific, Android device manufacturers and Apple suppliers must be enrolled in Google’s Device Enrollment Program to get their devices approved. For users, this requirement can be easily bypassed by purchasing unapproved devices from alternative suppliers.
What you need to do to protect your Android device
If you own an Android device, here is what you can do to protect yourself from this vulnerability:
- Activate the Verify Apps permission
- Use a VPN (Virtual Private Network) to stay hidden from the attacker
Timeline
Published on: 06/15/2022 22:15:00 UTC
Last modified on: 06/27/2022 17:59:00 UTC