• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Monday, July 13, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home Tech

Android phones from Samsung, LG, and other manufacturers are exposed to security breaches

by Sneha Singh
December 4, 2022
in Tech
Reading Time: 3 mins read
0
Android
TwitterWhatsappLinkedin

Android devices from companies like Samsung, LG, and others are now exposed to malicious apps that can access their devices and steal user data due to a security breach.

You might also like

Meta Challenges Landmark Jury Verdict Holding Company Liable for Social Media Addiction

Sony Execs Offload Shares Following Physical Disc Exit Announcement

New Sodium Battery Charges in 4 Minutes and Lasts for Years

The platform certificates contained in the leak, which is required to validate apps and certify Android builds for these apps, make it risky.

These certificates have the potential to be misused to produce apps that Android would flag as authentic even though they are not.

Numerous associate OEMs leaked the Android signing certificates. Even worse, the certificates are also used to validate the authenticity of the Android version that is installed on your phone.

Unfortunately, the leak’s revelation does not state which OEM vendors were impacted, but as 9 to 5 Google notes, it does include an example malware file hash.

Using this, the newspaper identified some organizations whose certificates had been compromised. These include, among others, Samsung, LG, and MediaTek.

For the time being, Google advises OEM partners to replace the compromised certificates, making them useless.

A new vulnerability that affected handsets from Samsung, LG, and other manufacturers has been publicly published by Google’s Android Partner Vulnerability Initiative (APVI).

Android

Hackers can use the “shared user ID” of an Android user

Multiple Android OEMs’ platform signing keys have been exposed to third parties, which is the root of the problem. This key is used to verify that the version of Android running on your device was produced by the manufacturer and is valid. Individual apps may also be signed using the same key.

Android trusts all apps that are signed with the same key that was used to sign the operating system by design. With such app signing keys, a malicious attacker might use Android’s “shared user ID” scheme to grant malware complete, system-level access to an infected device. An attacker might access all the data on a compromised device.

Installing an untested or new program is one of many times this Android vulnerability occurs. For example, the Bixby app on at least some Samsung phones uses one of the disclosed platform keys, which means an hacker could add malware to a trusted software, sign the malicious version with the same key, and Android would accept it as an “update” This approach would be effective whether the program was sideloaded, downloaded via the Play Store, the Galaxy Store, or both.

Google has recommended that manufacturers reduce the frequency

Google’s public disclosure shows the hash of sample malware files but does not specify which OEMs or devices were affected. Each file has fortunately been uploaded to VirusTotal, which frequently also reveals the name of the affected business.

The first step is for each impacted company to switch out (or “rotate”) its Android platform signing keys to stop using the ones exposed, according to Google’s succinct explanation of the problem. Anyhow, doing this frequently is a good idea to lessen the harm caused by potential leaks in the future.

Additionally, Google has recommended that all Android developers and manufacturers severely reduce the frequency with which the platform key is used to sign other apps. To prevent any security risks, only an application that requires the most special permissions should be signed in this manner.

Tags: androidGooglehackerSmart Phones
Tweet54SendShare15
Previous Post

Russia will not supply oil to countries supporting price cap – Russian Official

Next Post

Meta sued by anonymous plaintiffs over harvested financial data

Sneha Singh

Sneha is a skilled writer with a passion for uncovering the latest stories and breaking news. She has written for a variety of publications, covering topics ranging from politics and business to entertainment and sports.

Recommended For You

Meta Challenges Landmark Jury Verdict Holding Company Liable for Social Media Addiction

by Sneha Singh
July 13, 2026
0
Meta Challenges Landmark Jury Verdict Holding Company Liable for Social Media Addiction

Meta has appealed a landmark court verdict that found the company responsible for contributing to a young woman's social media addiction and mental health struggles. The appeal marks...

Read more

Sony Execs Offload Shares Following Physical Disc Exit Announcement

by Sneha Singh
July 13, 2026
0
Sony Execs Offload Shares Following Physical Disc Exit Announcement

The choice of Sony to withdraw from the physical games industry has become one of the major debates in the field. In fact, the corporation has just announced...

Read more

New Sodium Battery Charges in 4 Minutes and Lasts for Years

by Sneha Singh
July 13, 2026
0
New Sodium Battery Charges in 4 Minutes and Lasts for Years

Chinese scientists have come up with a revolutionary sodium metal battery (SMB), which will provide a boost to the way electric vehicles and other electronic devices get powered...

Read more
Next Post
Meta Asks Its Employees To Find New Opportunities

Meta sued by anonymous plaintiffs over harvested financial data

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?