PITTSBURGH (KDKA) — Experts are warning Android phone users about a security issue. It’s called Fake ID, and could allow malicious apps to access the other programs on your phone.
The Fake ID malware sneaks onto your smartphone through Trojan apps – sometimes taking over the actual apps completely.
“It is the name given to a flaw in software on Android that allows a piece of software to pretend it’s another piece of software that is legitimate,” said Marty Lindner from Carnegie Mellon University’s Software Engineering Institute.
The problem was first discovered by Bluebox Labs, a mobile security company.
Once an app is taken over, either fully or partially, the fake programs could give hackers access to your passwords or financial information. Hackers may also take over your phone remotely.
Google released a patch for the loophole, but people with Android version 2.1 through 4.4 may still be affected by Fake ID. The company also sent out a generic coding fix for the problem. Software developers are working on a permanent fix.
Until then, there are steps you can take to prevent becoming a victim. First, contact your cell phone provider to get the fix on your phone. Second, reduce your risk by not using your phone for sensitive activity — things like banking or credit card transactions. Instead, use one central computer where you can really focus on your cyber security. And third, once you have the fix from your cell phone carrier, delete all your apps and replace them to make sure you get rid of any fake ones.