The Anti-virus Times

Tuesday, May 10, 2016

One of the areas in which virus writing is evolving involves exploring ways to infect systems using the vulnerabilities inherent in all software—simply put, through loopholes in the code. Android applications are no exception—they also have vulnerabilities.

According to Doctor Web statistics:

• 56.4% of devices* have ObjectInputStream Serialization vulnerability;
• 41.85% of devices have Fake ID vulnerability;
• 37.7% of devices have PendingIntent vulnerability;
• 23.75% of devices have Name Length Field vulnerability;
• 22.91% of devices have Android Installer Hijacking vulnerability;
• 14.72% of devices have Extra Field vulnerability;
• 11.4% of devices have Master Keys vulnerability.

*protected by Dr.Web.

These statistics can be considered to be rather significant, because today* over 100 million devices worldwide are enjoying the reliable protection of Dr.Web.

*On the day this issue was published

Cybercriminals can use vulnerabilities to can gain access to confidential information stored on your device. And you may be using your device for work or making online payments!

Attackers have almost unlimited opportunities: today they can gain access to the address book on your device, correspondence, find out your location and even record your conversations or make videos when you’re visiting some web resources or participating in an actual business meeting.

The probability of having confidential data stolen from your mobile device is always present if it is not protected with a reliable anti-virus like Dr.Web!

For example, the malware Android.Poder collects sensitive information, such as the browsing history, and is designed to covertly send an SMS message containing its download link to all the contacts found in the device phone book.