fulldisclosure logo
Full Disclosure
mailing list archives



  By Date  
     
  By Thread  
     



Google’s Android: remote install backdoor in Google Play Services



From: “Enrico Weigelt, metux IT consult” <info () metux net>
Date: Fri, 10 Jul 2020 13:16:23 +0200



=======================================================================
Advisory: Google's Android (play services) built-in backdoor for remote
app installation.
======================================================================= Google's PlayServices has a built-in backdoor which allows Google Inc,
or anybody who has access to some device owner's Google account to
remotely silently deploy any apps (at least those listed in the AppStore). Some technical background: * PlayServices (GMS) frequently polls Google services for various kinds of push messages
* amongst those push message is one for triggering the GMS to *silently* download and install some app from Google app store
* there's no explicit notification, nor asking for confirmation (except for download progress shortly appearing in status bar) Possible attackers: * anybody who highjacked victim's Google account
* Malicious operatives at Google Quick mitigation: a) take away all permissions (especially changing system settings) from Google Play Services as well as Google Play Store --> dramatically reduced the ratio of successful remote deployments via Google App Store Web interface b) disable / remove Google Play Services and Google App Store Legal considerations: It is clear that Google explicitly built in an backdoor for silent
remote deployment, without user concent - which is an criminal offense
in most jurisdictions. (eg. CFAA in the US, ยง303 StGB in Germany). Law enforcemence agencies are called to start criminal prosecution,
victims (virtually any Android user) might consider filing criminal
charges against Google. ---
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info () metux net -- +49-151-27565287 _______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/







  By Date  
     
  By Thread  

Current thread:

  • Google’s Android: remote install backdoor in Google Play Services Enrico Weigelt, metux IT consult (Jul 13)




Follow me for more information.

X