{"id":4050,"date":"2016-11-29T14:55:10","date_gmt":"2016-11-29T19:55:10","guid":{"rendered":"http:\/\/community.mis.temple.edu\/itacs5211fall16\/?p=4050"},"modified":"2016-11-29T14:55:38","modified_gmt":"2016-11-29T19:55:38","slug":"over-the-air-update-mechanism-exposes-millions-of-android-devices","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/2016\/11\/29\/over-the-air-update-mechanism-exposes-millions-of-android-devices\/","title":{"rendered":"Over-the-Air Update Mechanism Exposes Millions of Android Devices"},"content":{"rendered":"<p>The insecure implementation of the OTA (Over-the-air) update mechanism used by numerous Android phone models exposes nearly 3 million phones to Man-in-the-Middle (MitM) attacks and allows adversaries to execute arbitrary commands with root privileges.<\/p>\n<p>The vulnerable OTA update mechanism is associated with Chinese software company <strong>Ragentek Group<\/strong>, which didn\u2019t use an encrypted channel for transactions from the binary to the third-party endpoint. According to security researchers at\u00a0AnubisNetworks, this bug not only exposes user-specific information to attackers, but also creates a rootkit, allowing an adversary to issue commands that could be executed on affected systems.The code from Ragentek contains a privileged binary for OTA update checks as well as multiple techniques to hide its execution. Located at <em>\/system\/bin\/debugs<\/em>, the binary runs with root privileges and communicates over unencrypted channels with three hosts. Responses from the remote server include functionalities to execute arbitrary commands as root, install apps, or update configurations.<\/p>\n<p>The issue, tracked as <b><a href=\"http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2016-6564\">CVE-2016-6564<\/a><\/b>, is that a remote, unauthenticated attacker capable of performing a MitM attack could replace the server responses with their own and execute arbitrary commands as root on the affected devices.<\/p>\n<h5 class=\"page-title\">http:\/\/www.securityweek.com\/over-air-update-mechanism-exposes-millions-android-devices<\/h5>\n","protected":false},"excerpt":{"rendered":"<p>The insecure implementation of the OTA (Over-the-air) update mechanism used by numerous Android phone models exposes nearly 3 million phones to Man-in-the-Middle (MitM) attacks and allows adversaries to execute arbitrary commands with root privileges. The vulnerable OTA update mechanism is associated with Chinese software company Ragentek Group, which didn\u2019t use an encrypted channel for transactions [&hellip;]<\/p>\n","protected":false},"author":14254,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-4050","post","type-post","status-publish","format-standard","category-uncategorized","entry"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/4050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/users\/14254"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/comments?post=4050"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/4050\/revisions"}],"predecessor-version":[{"id":4051,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/4050\/revisions\/4051"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/media?parent=4050"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/categories?post=4050"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/tags?post=4050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}