Last year, we were faced with annoying Stagefright vulnerabilities. Google and some OEMs vowed to tackle the issue by releasing regular software updates some of which come in the form of monthly security patches for Android. This time, we are being challenged by the QuadRootera app as a new Android malware that we said actually reminds us to stay with Google.
QuadRooter is a new threat that has already been blocked on most Android devices. About 90% of Android-powered mobile phones and tablets are now secure as made possible by a security feature that’s been around since the Android 4.2 version. QuadRooter is usually found in any Android phone that is powered by a Qualcomm processor. It’s an app that could let another malicious app to have root access. Once rooted, the app can do anything to the smartphone.
This QuadRooter usually comes when “Unknown Sources” is enabled. Installing app can be done manually from anywhere which makes the phone a quick target of the malware. There’s a simple solution for that. You see, the “Verify Apps” feature is enough for anyone to prevent the malware app from being installed into your phone.
This particular feature is a part of Google Play Services. Google designed this for the purpose of protecting an Android device. As early as Android 4.2 Jelly Bean, the “Verify Apps” feature has been doing its job of protecting a phone from possible attacks. Google itself confirmed that Verify Apps can block what QuadRooter is doing. Apps with QuadRooter can be identified and then blocked easily. Google sent out a statement saying that the latest security patch level is protected already. In a statement, Google said:
“We appreciate Check Point’s research as it helps improve the safety of the broader mobile ecosystem. Android devices with our most recent security patch level are already protected against three of these four vulnerabilities. The fourth vulnerability, CVE-2016-5340, will be addressed in an upcoming Android security bulletin, though Android partners can take action sooner by referencing the public patch Qualcomm has provided. Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these.”
Google is hard at work in ensuring that Android devices are always protected. Vulnerabilities will come and go, some may even remain, but the tech giant offers many ways on how to detect and prevent them. The idea is that Android would show an “Installation has been blocked” prompt to let the user know a possible threat was prevented.
Verify Apps may be an old feature but some may have to enable it first in the Security section of the Google Settings app. Most phones have this on default but others have to enable Verify Apps manually. Android security isn’t perfect but Google is making sure that solutions are underway.
VIA: Android Central