Kaspersky Lab has released a free mobile application for device running the Android operating system. According to the company, Kaspersky Fake ID Scanner scans smartphones and tablets for vulnerabilities that place users’ valuable data, privacy and even money at risk.
Kaspersky Lab confirmed that one of the most notable new vulnerabilities is a flaw found by experts at Bluebox Labs that enables attackers to disguise any applications, including malicious, as legitimate programmes developed by well-known vendors. The vulnerability was named Fake ID.
Another vulnerability that has made headlines is Heartbleed. It can be exploited to read memory on systems that use certain versions of the OpenSSL protocol. This means that attackers can get access to sensitive user data by sending specially crafted requests. This flaw affected many companies.
One of the latest discoveries is the Master Key vulnerability which enables cybercriminals to access any Android device with administrator privileges. This means that an attacker can launch any software on a device without the owner’s knowledge.
Although, as a rule, Google quickly closes such vulnerabilities, millions of Android users remain at risk, since it often takes device manufacturers a long time to update firmware. Malware can use such vulnerabilities to make its way onto smartphones and tablets, often disguised as popular applications, in order to steal personal data stored on the devices, hijack user accounts on social networks, steal online banking credentials, etc.
In order to prevent such vulnerabilities from being exploited, the company has developed Kaspersky Free Fake ID Scanner – a tool which enables Android device owners to scan their devices for all of these vulnerabilities and ascertain that no applications that exploit them are installed on their devices.
According to Kaspersky Lab, the application does not close the vulnerabilities detected, but it prompts the user to install a free version of Kaspersky Internet Security for Android if any threats are detected. That product will protect the device against malicious code regardless of the vulnerabilities exploited by the malware.
The application, which is compatible with Android 2.3 and later versions, is available in Google Play in two languages – English and Russian.