A number of applications that harmlessly use the MasterKey vulnerability have been spotted on Google Play.
Two of the apps, Rose Wedding Cake Game (“air.RoseWeddingCakeGame v 1.1.0”) and Pirates Island Mahjong Free (“air.PiratesIslandMahjong v 1.0.1”), were last updated in mid-May and are increasingly popular with Android users: Pirates Island Mahjong Free has been installed by between 5,000 and 10,000 users, while Rose Wedding Cake Game has between 10,000 and 50,000 installs.
There is no need to panic right away: the applications contain two duplicate PNG files which are part of the game’s interface. This means that the applications are not running malicious code; they are merely triggering the Android bug to overwrite an image file in the package, most likely by mistake. In contrast, malicious exploitation of this flaw focuses on replacing application code.
One thing that is particularly interesting about today’s discovery is that the two applications with this behavior managed to make their way into the Play Store without raising any red flags. However, patched Android distributions such as CyanogenMod will refuse to install the application, reporting that the “Package file was not signed correctly”.
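The distinction drawn above, a duplicated image versus duplicated application code, can be checked by listing the entry names in the package's ZIP directory. The following is an added example, not code from the original post or from Bitdefender; the set of names treated as code and the sample entry names are assumptions made for illustration.

```python
import io
import warnings
import zipfile
from collections import Counter

# Assumption: entry names treated as "application code" for triage purposes.
CODE_SUFFIXES = (".dex", ".so")
CODE_NAMES = {"AndroidManifest.xml"}

def duplicate_entries(apk_bytes):
    """Return {entry_name: count} for names listed more than once in the ZIP directory."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        counts = Counter(info.filename for info in zf.infolist())
    return {name: n for name, n in counts.items() if n > 1}

def triage(apk_bytes):
    """Classify a package as clean, duplicate-resource or duplicate-code."""
    dups = duplicate_entries(apk_bytes)
    if not dups:
        return "clean", dups
    if any(n in CODE_NAMES or n.endswith(CODE_SUFFIXES) for n in dups):
        return "duplicate-code", dups
    return "duplicate-resource", dups

def build_sample(entries):
    """Constructed sample: in-memory ZIP from (name, data) pairs, duplicates allowed."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", UserWarning)  # zipfile warns on duplicate names
        with zipfile.ZipFile(buf, "w") as zf:
            for name, data in entries:
                zf.writestr(name, data)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed package mirroring the case described: one image listed twice.
    sample = build_sample([("classes.dex", b"dex"),
                           ("assets/button.png", b"first"),
                           ("assets/button.png", b"second")])
    print(triage(sample))
```

Either non-clean verdict means a patched Android build will reject the package; the verdict only tells an analyst whether the duplicated entry is a resource or something that executes.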
If you’re running an unpatched distribution of Android, you might want to try out our Bitdefender Mobile Security & Antivirus or to install the Antivirus Free scanner for Android, which are both available via the Play Store and detect the MasterKey exploit.