Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Upgrading Your Android, Elevating My Malware SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Upgrading Your Android, Elevating My Malware

A new study[1][2] by Indiana University Bloomington show that updating any Android device can allow an attacker to escalate apps privileges.

The researchers have discovered a new type of vulnerability called Pileup flaws, the vulnerability exist in the Package Management Service.

When a new app installed on old version of Android request a permission for features that don’t exist on that version of Android, however when the user upgrade to the new version, Android keeps all the permissions which mean that they will work in the new version of Android.


The researchers have developed a detection service, called SecUp, which deploys a scanner on the user’s device to capture the malicious apps designed to exploit Pileup vulnerability.

Like many other threats, the best mitigation is installing trusted software only.








60 Posts
ISC Handler
Apr 1st 2014

Sign Up for Free or Log In to start participating in the conversation!