Security News > 2023 > April > Kyocera Android app with 1M installs can be abused to drop malware
A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices.
Although the apps list different publishers, they are based on the same code; thus, the vulnerability impacts all three.
KYOCERA published a security bulletin on the issue yesterday, urging users of its printing app to upgrade to version 3.2.0.230227, currently available via Google Play.
"KYOCERA Mobile Print's application class allows data transmission from malicious third-party mobile applications, which could result in malicious files being downloaded," reads the vendor's notice.
For such an attack to occur, the user must also install a second malicious application on their device that will trigger the payload download. Despite that requirement mitigating the severity of the flaw, it would be easy to distribute a malicious app that takes advantage of the issue, as it wouldn't have to include risky code, request the approval of risky permissions upon installation, etc.
Starting from Android 14, the exchange of intents between apps will be restricted, requiring the definition of specific recipients by the sender, the declaration of what information an app needs to receive from other apps, and whether or not receivers should be limited to system broadcasts.
News URL
Related news
- New LianSpy malware hides by blocking Android security feature (source)
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)