Even though patches were released for the recently discovered set of vulnerabilities in the Android OS, which put more than 900 million devices at risk, there is still a threat.
The Check Point security company discovered a bug, dubbed QuadRooter, thanks to which cyber crooks could gain complete control over Android devices. The flaw was found in Qualcomm chips, used in smart devices made by Google, LG, Blackberry and other vendors. This means that more than 900 million devices are vulnerable to attacks. There are four interconnected flaws which are able to give hackers that kind of full access to the phone, hence the name of the flaw – QuadRooter, explains the security firm, Guardian.
Except the patches to fix the vulnerability, Check Point released the QuadRooter Scanner application on the Google Play Store. This app can determine whether or not a device is at risk.
According to a recent research, however, the QuadRooter flaw remains a threat. RiskIQ researchers have come across a number of phony applications, offered by various app stores, claiming they could fix the bug. Of course, not only aren’t they legitimate and won`t fix the problem, but they would probably cause users damage.
A good example is the so-called Fix Patch QuadRooter app which is available in the official Google Play Store, offered by KiwiApps. In spite of being removed from there, it appeared in some other unreliable stores. What is worse, this app is not the only one. Researchers have found 27 bogus apps in total, which are QuadRooter-related.
All these malicious apps have been found ready to be downloaded in the Google Play Store. But also, they are available in other unofficial stores, including AppBrain, AppChina, BingAPK and SameAPK, which are very risky to both devices and their users.
All users would be better off not downloading anything from these illegitimate application stores. They are risky, uncontrolled and, chances are high, that most of the apps offered there are containing malware that can steal users` personal data. Even though in some countries the official apps are not available yet, and the users may be tempted, they should still abide by legitimate and reliable sources like the Google Play Store.
