Sony Removes Compromised Backup and Restore App From Google Play
November 25, 2014
Sony, after reports about its Backup and Restore app being compromised, has removed the newly-listed app from Google Play.The app in question comes preloaded on the flagship Sony Xperia Z3
and some other Xperia devices, and is the company's proprietary
solution for backing up and restoring user data such as media, mails,
messages and contacts on to a microSD card. The Backup and Restore app
was earlier published and managed by Sony; though the app on Monday was
reported to show "Nirav Patel Kanudo" as the publisher while it was
managed by "HeArT HaCkEr Group".
Notably, the Backup and Restore app cannot be uninstalled from devices, which causes major problems for Xperia Z3 users who already use the app to back up their data. As of now, there is no official word on the status of the app already preloaded on Sony phones.
The breach of Sony's Backup and Restore app was reported
by Xperia Blog, which notes, "Looking at the Play Store 'My apps'
section on our Xperia Z3 reveals that the app is now managed by the
"HeArT HaCkEr Group." As a system app, there is no way to delete the app
either, so given the permissions this particular app has it is a
serious issue."
The publication also speculates, "Potentially, Sony Mobile's Play Store account may be compromised, where the hacker has replaced the original app."
The Japanese company on its support forums has acknowledged the issue and writes, "Sony Mobile takes the security and privacy of customer data very seriously. We are currently investigating these reports. More information will follow as soon as we have fully assessed the situation."
As Android Police notes, being a proprietary app for select Xperia devices, the "app wasn't published on the Play Store before Saturday", and the hacker essentially exploited "the way the Play Store checks for updates to apps currently installed on your phone."
Notably, the Backup and Restore app cannot be uninstalled from devices, which causes major problems for Xperia Z3 users who already use the app to back up their data. As of now, there is no official word on the status of the app already preloaded on Sony phones.
The breach of Sony's Backup and Restore app was reported
by Xperia Blog, which notes, "Looking at the Play Store 'My apps'
section on our Xperia Z3 reveals that the app is now managed by the
"HeArT HaCkEr Group." As a system app, there is no way to delete the app
either, so given the permissions this particular app has it is a
serious issue."The publication also speculates, "Potentially, Sony Mobile's Play Store account may be compromised, where the hacker has replaced the original app."
The Japanese company on its support forums has acknowledged the issue and writes, "Sony Mobile takes the security and privacy of customer data very seriously. We are currently investigating these reports. More information will follow as soon as we have fully assessed the situation."
As Android Police notes, being a proprietary app for select Xperia devices, the "app wasn't published on the Play Store before Saturday", and the hacker essentially exploited "the way the Play Store checks for updates to apps currently installed on your phone."
No comments:
Post a Comment