These types of applications are usually considered malicious software. For example, some fraudulent financial applications can be installed this way. In general, it is recommended to set the permission before installing an application. However, this permission can be set remotely if the application is installed via the preset launcher. The security researchers discovered that the permission can be set only to the user who created the account. This can lead to remote installation of arbitrary applications on a user’s device. During the research, it was found that the preset launcher module doesn’t have any mechanism to check whether a preset application comes from a trusted source. Therefore, if an application is installed via the preset launcher, any admin user can grant any permission.

Install by Baidu Browser

To install a preset launcher application, the attacker needs to trick the user into using a malicious browser. If the user uses Baidu Browser, it can be used to download arbitrary apps onto the device.
The security researchers discovered that when an application is installed by Baidu Browser, the browser has no way to verify whether the app comes from a trusted source. This makes it easy for attackers to steal private data and money from users by installing apps on their devices through the preset launcher.

Timeline

Published on: 11/09/2022 21:15:00 UTC
Last modified on: 11/17/2022 22:20:00 UTC

References