Millions at Risk as Google Pixel Devices Ship with Vulnerable App

SeniorTechInfo

Aug 16, 2024

Ravie Lakshmanan
Mobile Security / Software Security

A dormant piece of software called “Showcase.apk”, which holds excessive system privileges, has been found on Google Pixel devices, a discovery that could put millions of users at risk. Its presence leaves the devices susceptible to cyber-attacks and malware infections.

The mobile security firm iVerify, in collaboration with Palantir Technologies and Trail of Bits, revealed that this pre-installed Android app has the ability to remotely execute code and install arbitrary packages on the device. The app downloads a configuration file over an insecure connection, leaving the device vulnerable to exploitation.

The app, known as Verizon Retail Demo Mode, requests nearly three dozen different permissions, including location and external storage access. Although it has been around since 2016, its security flaws have only recently come to light.

The primary concern lies in the app downloading the configuration file over an unencrypted HTTP connection, making it possible for threat actors to tamper with it en route to the device. While there is no evidence of exploitation so far, the potential for malicious activity is high.
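The two properties described above (a large permission set and cleartext configuration downloads) can be triaged from an app's manifest. The following is an added example, not code from iVerify, Google or Smith Micro; it assumes the manifest has already been decoded to text XML, and the sample manifest, package name and `permission_budget` threshold are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Permission groups the article mentions: location, external storage, package install.
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.INSTALL_PACKAGES",
}

# Constructed sample: hypothetical package, NOT the real Showcase.apk manifest.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.retaildemo">
  <uses-sdk android:targetSdkVersion="25"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.INSTALL_PACKAGES"/>
  <application android:label="Demo"/>
</manifest>
"""


def audit_manifest(xml_text, permission_budget=20):
    """Return triage facts for one decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    perms = sorted({p.get(ANDROID + "name") for p in root.iter("uses-permission")} - {None})
    sdk = root.find("uses-sdk")
    target = int(sdk.get(ANDROID + "targetSdkVersion", "1")) if sdk is not None else 1
    app = root.find("application")
    explicit = app.get(ANDROID + "usesCleartextTraffic") if app is not None else None
    # Platform default: cleartext is allowed only when targetSdkVersion <= 27.
    cleartext = explicit == "true" if explicit is not None else target <= 27
    # A networkSecurityConfig resource can override the flag; mark for manual review.
    has_nsc = app is not None and app.get(ANDROID + "networkSecurityConfig") is not None
    return {
        "package": root.get("package"),
        "permission_count": len(perms),
        "over_budget": len(perms) > permission_budget,
        "sensitive": [p for p in perms if p in SENSITIVE],
        "cleartext_permitted": cleartext and "android.permission.INTERNET" in perms,
        "review_network_security_config": has_nsc,
    }


if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

A manifest that reports `cleartext_permitted` together with `android.permission.INSTALL_PACKAGES` is the combination to escalate, since any configuration it fetches over HTTP can be altered in transit.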

The app was not developed by Google; it was built by Smith Micro for demo purposes. It is present on the devices as part of Verizon’s requirements, and Google has announced plans to remove it from all supported Pixel devices in an upcoming software update.

Although exploitation requires physical access to the device and the user’s password, the risk posed by this vulnerable app cannot be ignored. Google is taking proactive steps to address the issue and ensure the security of its users.
