Run this Installer Hijacking Scanner app to see if your older Android phone is at risk

Half of all Android phones still run Android 4.2 or older; they could be vulnerable to hijacking app

This app could save your older Android phone from being hijacked. Specifically, the Installer Hijacking Scanner app from the Google Play store is designed to check for a vulnerability that was discovered over a year ago and still hasn't been resolved.

Palo Alto Networks revealed information Tuesday about a critical vulnerability affecting Android. The flaw was initially discovered in January, 2014. Palo Alto Networks has been working closely with Google and Android device manufacturers to resolve the issue since then. The flaw, dubbed "Android Installer Hijacking," is estimated to impact nearly half of all Android devices.

The vulnerability affects the Time-of-Check to Time-of-Use (TOCTTOU) function of Android. Exploiting the flaw allows an attacker to hijack app installation and replace or modify an otherwise benign Android app installation with malware without the user's knowledge. According to Palo Alto Networks the malicious app is able to gain full access to the compromised device--including usernames, passwords, and other sensitive data.

The issue is a problem only when downloading apps from third-party repositories. Apps installed from Google Play are downloaded to a protected space within the file system. Third-party app stores, on the other hand, typically download files to unprotected storage and installed directly from there. The TOCTTOU flaw enables an attacker to modify or replace the file during installation without alerting the user.

The issue is mainly a concern for users that install apps from third-party app stores on older Android devices. Palo Alto Networks claims that the flaw exists in Android 2.3, 4.0.3-4.0.4, 4.1.x, and 4.2.x. Some Android 4.3 implementations have also been found vulnerable.

One of the primary benefits of Android is also one of its biggest concerns. The volume and diversity of Android devices leaves many Android users stuck with outdated versions of the OS. Androd 4.4 KitKat was released in October of 2013 and has already been supplanted by Android 5.0 Lollipop yet less than 40 percent of Android users have received that update. Meanwhile, Google has stopped supporting Android 4.3 and earlier versions--leaving more than half of Android users to rely on the Android community to patch vulnerabilities or just fend for themselves.

At the time the vulnerability was discovered, it affected almost 90 percent of the Android devices in use. Thanks to attrition and updates to more current versions of Android, that number has dropped to just under 50 percent. The Android device doesn't need to be rooted to be vulnerable, but rooted devices are predictably more vulnerable, according to Palo Alto Networks.

Based on these facts, mitigation seems relatively simple. You should update your device to Android 4.3--or preferably 4.4--or later if at all possible. Regardless, you should stick to downloading apps from the official Google Play store.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags smartphonesGoogleAndroiddata protectionantivirusconsumer electronicsmobile malwarepalo alto networksAccess control and authenticationandroid malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?