Removed from Google Play
Nov 22 Project Zero:
researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.
Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. The highly technical writeup also did not name the malicious app in question.
Feb 23 DarkNavy 深藍洞察
researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove.
DarkNavy likewise did not name the app they said was responsible for the attacks. In fact, the researchers took care to redact the name of the app from multiple code screenshots published in their writeup. DarkNavy did not respond to requests for clarification.
“At present, a large number of end users have complained on multiple social platforms,” reads a translated version of the DarkNavy blog post. “The app has problems such as inexplicable installation, privacy leakage, and inability to uninstall.
最终,该互联网厂商通过上述一系列隐蔽的黑客技术手段,在其合法 App 的背后,达到了:
- 隐蔽安装,提升装机量
- 伪造提升 DAU/MAU
- 用户无法卸载
- 攻击竞争对手 App
- 窃取用户隐私数据
- 逃避隐私合规监管
等各种涉嫌违规违法目的。
Reference:
留言
張貼留言