Android Installer Hijacking Exploit Could Affect Users On Jelly Bean 4.2 And Below

March 25, 2015 - Written By Justin Diaz

A new research report from Palo Alto Networks is bringing attention to a potentially dangerous exploit that could affect a decent number of Android users. They’re referring to this vulnerability as Android Installer Hijacking, and like all malware whether on mobile or PC it’s worth knowing about just in case. However, there are specific limitations to this vulnerability that users will also want to pay attention to as there’s no reason to stress out about something if you or your device aren’t included in the groups of users who this exploit is attempting to attack.

First and foremost, this particular exploit only affects users running on versions of Android that are older than Jelly Bean 4.3. So if you’re running on Android Jelly Bean 4.3, Android Kit Kat, or Android Lollipop, you generally have nothing to worry about. The other main factor to consider here is that these exploits and vulnerabilities are relying on users to grab applications that have come from unvalidated and unofficial sources and install them. This means that apps in the Play Store, the Amazon App Store and other trusted sources are not affected, so if you are running on a device with Android 4.2 Jelly Bean or older, you can avoid running into this issue and these exploits by only downloading applications that come from official channels like the ones listed here.

As outlined by Palo Alto Networks, the Android Installer Hijacking vulnerability gives attackers a way to infect users with malware by replacing a seemingly trustworthy app with the malicious code. Once infected, users private and personal information like passwords, usernames, and other sensitive data are at risk of being gathered and can be used for nefarious purposes. If there’s anything to be gathered from this information, a “moral of the story” as it were, it’s that you shouldn’t be downloading apps that don’t come from the official app distribution stores, because this is the most common vessel for hackers to infect users and get a hold of sensitive data. Following this one simple rule can do a world of good to ensure that you aren’t affected by the Android Installer Hijacker vulnerability.