Home
Apps
Apps News
Chrome Security Flaw Allows Android Apps to be Installed Without User Knowledge

Chrome Security Flaw Allows Android Apps to be Installed Without User Knowledge

By NDTV Correspondent | Updated: 24 November 2014 20:18 IST

Click Here to Add Gadgets360 As A Trusted Source

A new bug affecting the Chrome browser has been found, which reportedly allows drive-by installations of apps on users' handsets without their knowledge. Apps can then extract users' personal information and send it back to the malware author.

Security website Extension Defender reports that the Chrome browser extension bug "allows the company behind it to install an app on your phone without you providing your permission or ever even knowing it was installed."

The website notes that a company called Revjet.io which calls itself a "browser extension monetization" service uses code from another website, Vulcun.com, which enables the background installations. Vulcun.com is a desktop-to-mobile ad server, which lets developers integrate advertisements into their apps.

However, the small snippet of code runs periodically in the background and waits for an opportunity to install apps without a user noticing. The confirmation dialog and permission prompts are also hidden from users. App developers sometimes pay for ads which deliver click-throughs and app installs, so the ad service can make money by delivering installations whether or not users want them. Extension Defender notes that some of the apps used by the malware include 3Dnator, FB Auto-Poker, Post To Tumblr, and Alert Control.

Google has not responded to the report and is yet to take some steps to deal with the threat.

In related news, a report from earlier this month highlighted a Wi-Fi related bug that is causes trouble when users running the latest build of Android on a Nexus device try hooking up to a Wi-Fi network. The bug does not seem to have affected non-Nexus devices so far. Google, however, has acknowledged that issue and will issue an update soon.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.