Root apps threaten all Android users

[[152377]]

In China, Android Root is very popular, and mainstream application developers have participated in the development of Root tools, such as ROOT Genie, 360 One-Click ROOT and Kingroot. Exploiting vulnerabilities to obtain system root permissions is not only unsafe for ordinary users, but it also opens the door for malicious applications to bypass the security defense of the Android system. In China, the Android mobile application environment is quite harsh. At the ACM Computer and Communications Security Conference held this week, researchers from the University of California, Riverside, published a report titled "Android Root and its Providers: A Double-Edged Sword" (PDF). The researchers spent a month of their free time reverse engineering a Root tool containing 167 vulnerabilities. They believe that Root tools provide malicious applications with a large number of customizable and easily reverse-engineered vulnerability exploits, allowing malicious applications to bypass the detection of security tools, thereby exposing all Android users to growing risks. Researchers said that ROOT application providers should have fully protected the exploitable vulnerabilities they contained, but in reality these vulnerabilities can be easily borrowed by malicious program authors.