![]() The three Samsung exploits that DarkNavy says were used by the malicious app. ![]() 28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove. The highly technical writeup also did not name the malicious app in question. Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones. Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |