Installation app flaw affects half of all Android users

A vulnerability within Google's Android mobile operating system allows the installation and hijacking of the Android Package File (APK) app which affects half of all Android device users, a report released by Palo Alto Networks reveals. Instead of installing the APK app, attacked devices receive a malicious app, allowing hackers to “silently” distribute malware, compromise operating systems, and steal user data, according to the analysis.

“This Android vulnerability means users who think they're accessing legitimate applications with approved permissions may instead be exposed to data theft and malware,” Ryan Olson, intelligence director, Unit 42, Palo Alto Networks wrote in an email to SCMagazineUK.com. The company advises Android users to monitor their devices, and has also provided an application to help potentially affected Android users diagnose their devices.