Popular utility tools are marked as "Risky" by Trustlook

utility harmless1 

Here’s our 3rd disclosure about the JSInterface Remote Code Execution Vulnerability . This time we found some very popular utility tools – Cache cleaners, Browsers, Flashlights etc – that may render your phone vulnerable to an Man-in-the-Middle attack. Want to see how an attacker compromise your phone in 10s using this vulnerability? Check our original demo video here!

The list below are the tools that have been marked as risky in our Trustlook Antivirus. Note: we will not sort every affected app into “malwares”. We do it only when the vulnerability is confirmed exploitable.

Package Name App Name Installations
com.smartanuj.hideitpro Hide Pictures – Hide It Pro 5M – 10M
com.cookpad.android.activities CookPad – No.1 5M – 10M
mobi.infolife.cache App Cache Cleaner – 1Tap Clean 5M – 10M
com.miumeet.android.client MiuMeet – Live Online Dating 1M – 5M
com.mobisystems.msdict.embedded.wireless.wordnet Advanced English & Thesaurus 1M – 5M
torcia.plus Better FlashLight HD + LED 1M – 5M
name.markus.droesser.tapeatalk Tape-a-Talk Voice Recorder 1M – 5M
net.daum.android.shoppinghow Shoppinghow 1M – 5M
org.detikcom.rss detikcom 1M – 5M
com.adaptiveblue.GetGlue GetGlue – App for TV & Movies 1M – 5M
com.zumobi.android.motortrend MOTOR TREND News 0.5M – 1M
com.speedymarks.android.temperatureFree Temperature Free 0.5M – 1M
com.inbox.boro.lite Fast Messenger for Facebook 0.5M – 1M
com.ft.news Financial Times 0.5M – 1M
com.crowdstar.avatar Top Stylist 0.5M – 1M
com.androidesk Androidesk Wallpaper 0.5M – 1M
kr.or.lug.ontimealarm OnTimeAlarm 0.1M – 0.5M
ru.ideast.championat Championat.com 0.1M – 0.5M
sanmsung.actvity Samsung Mobile Catalog 0.1M – 0.5M
org.espier.browser Espier Browser 0.1M – 0.5M
bg.angelov.horoscope Numerology Daily Horoscope 0.1M – 0.5M
Total: 25.5M – 73.5M

 

At last, although the Valentines’ Day has just passed, Trustlook still wants to remind you: Safety First! 😛
1743685_541652419283901_1984493623_n

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s