Find if your Android Phone is Vulnerable to MasterKey Exploit

With the new inventions in computers and phones, new and new malicious apps/codes are also invented by the people. These days, the hacking is not only limited to the field of computers but also to the mobile phones. Since almost every individual today have a mobile phone and that too with some sort of private information in it, it is not a bad choice for the hackers.

Well if you are using an Android phone that too released in last 4 years then the chances are that your phone is prone to attack by some exploit known as MasterKey. Bluebox Labs recently discovered vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user.

bluebox-security-scanner-unpatched

This means, around 900 million Android phones in use today might be vulnerable to this exploit. So what this exploit does? This exploit can be used to alter any app on your device to access the data on your phone (risky to almost every person).

How to find out if your Android is prone to MasterKey Exploit?

Well its not difficult at all, just use this app developed from the Bluebox agency called as Bluebox Security Scanner. This will help you scan your phone for the exploit and if found you can report it to the agency.

bluebox-security-scanner-patched

This is how the app will look like (shown in the screen above).

Patch Status will let you know if your phone has been patched by the phone manufacturer for this exploit or not. If is it is patched then you don’t need to worry and if it isn’t then you need to be careful while installing any app in future like you should only install apps from the Google market.

Apps from Unknown Sources let you know if your phone supports installations from other than google market or not.

Malicious App Scan lets you scan your phone for any malicious app already present in your phone.

You can read more about the exploit here.

Leave a Reply