A new remote vulnerability was discovered to exist in Android smartphones, according to The Washington Post.
The hidden security vulnerability could potentially allow user data to be accessed remotely, which understandably gained the attention of cybersecurity experts. The vulnerability was discovered by iVerify, a security firm, and highlighted the file Showcase.apk as a dormant spy. The apk file could be activated using remote access and leak user data to another device. It’s worth noting that Showcase.apk was discovered on Android phones, including the Pixel lineup.
iVerify claims that the apk file was designed to thrive in a retail environment and allow employees to show off the features of a smartphone to potential buyers. When activated, the application could transmit data to a server using an HTTP connection. Attackers can then execute code on a remote basis and introduce spyware and other malicious apps to gain access to sensitive data.
