There is a new “hole” safe android os. More 100 million devices includes applications, that open a loophole for hackers, providing them access to all user data.
Moplus is a toolkit for developers (SDK), prepared by the Chinese company Baidu, which is used in thousands of Android applications. Unfortunately, according to Trend Micro, it includes susceptibility, called Wormhole, which can be used by hackers.
When the application with the mentioned SDK is installed on the smartphone, HTTP server opens automatically, which does not require authentication, accepts any request and establishes a connection in the background without the knowledge of the user. Intruder, which can very easily find the specified server, can also use predefined commands in the SDK, which allow you to perform several operations, having access to confidential information. Besides, hackers have the ability to install their applications.
Moplus SDK can be found in more than 14 thousands of applications (including 4 outside Baidu). They have been uploaded to more than 100 million Android devices. Trend Micro experts say, that the ANDROIDOS_WORMHOLE.HRXA malicious code already exists, which uses the described vulnerability. Besides, celebrate, that in many ways she is worse, if from Stagefright vulnerability, which a few months ago was called the most dangerous in the history of Android.
Baidu and Google were informed about the discovered vulnerability. Chinese company has prepared a new, secure SDK version. Will hope, that developers will update their applications.
