
Google Play Market Vulnerability and the Attack on Samsung Smartphones

Samsung Galaxy S and S2: Security Compromised

By the time this revised version of the article was posted, we had not received any comments from Google or Samsung. Representatives of both companies promised to issue a statement today. In any case, the story is becoming clear, and this is how it started.

Subject of The Issue

It began with the release of an update for the MTS Mobile Mail application on Google Play Market. It became available for all Galaxy S and S2 phones regardless of the carrier and the country.

Even if you did not have this app installed, the notification prompting you to update would appear in your app list anyway. During installation the app asks for full access to phone functions, including SMS. This immediately suggests that the app is malicious.

After you have installed the app it cannot be removed from your phone via the My Apps list. Any standard procedure I tried failed to uninstall it.

Autoupdate

Every Android Package (APK) has an ID featuring the developer ID. The MTS Mobile Mail app ID is com.seven.Z7. It just so happens that Samsung's mail app has the very same ID. The company called Seven works with many manufacturers and carriers; the full list of their partners is here.

As one of our readers told us, the practice of using one ID allows the developer to see all the bug reports for a released app in the developer panel on Google Play Market. You can find more details on this procedure here.

Google foresaw possible issues arising from the use of the same IDs, so every app is also signed with a unique developer key. The Android developer website clearly states this.

The issue around the MTS Mobile Mail app was caused by the APK ID and the key both being the same (one and the same developer for some reason used the same ID). As a result, your phone would show you the update notification and prompt you to install it. And since the mail app on Samsung phones is a system app, it cannot be removed by standard means. However, the XDA-Developers forum found a way to remove the app without rooting the phone. You need to go to the task manager and delete the Google Play Market cache and all the data associated with the app; then the MTS Mobile Mail app will be gone for good.
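The update decision described above, modelled as an added example (not code from the original article, Google or Samsung): a store listing is treated as an update only when both the package ID and the signing key match an app already on the device. It is a simplified model that ignores key rotation; the fingerprints, version codes and the com.example.notes listing are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Package:
    name: str             # Android package ID, e.g. com.seven.Z7
    signers: frozenset    # fingerprints of the signing certificates
    version_code: int
    system: bool = False  # preinstalled in the system image
    label: str = ""

def update_verdict(installed, candidate):
    """Simplified model of the update check: same ID, same key, newer version."""
    if installed.name != candidate.name:
        return "unrelated"            # different package ID: a separate app
    if installed.signers != candidate.signers:
        return "rejected-signature"   # same ID but a different developer key
    if candidate.version_code <= installed.version_code:
        return "not-newer"
    return "accepted-as-update"

def audit(device_packages, store_listings):
    """List store entries that collide with the ID of an app on the device."""
    findings = []
    for listing in store_listings:
        for pkg in device_packages:
            verdict = update_verdict(pkg, listing)
            if verdict == "unrelated":
                continue
            findings.append({
                "store_label": listing.label,
                "replaces": pkg.label,
                "package": pkg.name,
                "verdict": verdict,
                "targets_system_app": pkg.system,  # the case the article describes
            })
    return findings

# Constructed sample data (placeholder fingerprints and version codes).
KEY_A = frozenset({"AA" * 32})
KEY_B = frozenset({"BB" * 32})
DEVICE = [Package("com.seven.Z7", KEY_A, 10, system=True, label="Samsung mail app")]
STORE = [
    Package("com.seven.Z7", KEY_A, 11, label="MTS Mobile Mail"),
    Package("com.seven.Z7", KEY_B, 12, label="same ID, other key"),
    Package("com.example.notes", KEY_B, 3, label="unrelated app"),
]

if __name__ == "__main__":
    for finding in audit(DEVICE, STORE):
        print(finding)
```

Only the first listing is accepted as an update to the system mail app; the same ID signed with a different key is rejected, which is the protection the developer key is meant to provide.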

Yesterday morning Google blocked this app so no one could install it. Some users continued to see it in their update list but they could not download it.

Google commented on the situation to The Verge. They say that the app has been removed from the Market and has not affected users, as it was never installed on user phones. I cannot agree with this statement, since I removed the app from my phone myself and most comments on the app's page on the Market suggest it did install on phones.

MTS issued the following comment: "Google, Samsung and MTS are currently working with the developer of the app in order to resolve the situation as soon as possible. The software in question has all the required certificates and is not malicious."

I could not get Samsung or Google to comment on this.

Bottom Line

The MTS app is not a virus, as I thought at first. The circumstances that led to this result look like a rare combination, but they are alarming nonetheless. It is a serious vulnerability in Google Play Market security that someone could exploit to access vulnerable apps. This story spurred public discussion of the autoupdate problem, and here is another case with HTC phones.

I want to refrain from assessing the possible risk and damage this app could do. The bigger problem is that the current distribution system can spawn more troubling cases. This could mean a hit to Android's reputation. The app's description page is rife with angry and rude comments by people who encountered the problem. I am sure Google want their users happy and will try to fix the problem as soon as possible. They have the Apple App Store to look up to; it has never had problems like this one.


Eldar Murtazin (eldar@mobile-review.com)
Translated by Robert Mugattarov (mugattarov@gmail.com)

Published — 28 March 2012

Mobile-review.com, 2002-2012. All rights reserved.