A newly unearthed vulnerability in Windows Phone allows a malicious app to run with the same permissions as the app it targets. It is something Microsoft needs to look at right away.
Discovered by an XDA-Developers forum member, this loophole provides users with a ridiculously easy way to replace a legitimate application on Windows Phone with a rogue one, which, interestingly, inherits the same data access permissions.
The trick simply involves transferring the installation data of the malicious app into the program directory of the target, though a few extra steps are required.
The ability to sideload apps is essential for this trick to work. Microsoft, of course, added this ability to load applications from SD cards in Windows Phone 8.1.
Anyway, the first step is to give the rogue app the same manifest as the legitimate one, and then have the apps installed on the target device. The files in the program directory are then replaced, so that the original software is swapped with content from the custom package.
The developer tested this hack on a Lumia device, and even created a registry tool that allows writing registry values with the inherited permissions.
All things considered, the discovery of this loophole could allow cybercriminals to target Windows Phone users with malicious applications. Hopefully Microsoft gets to this first, and releases an update that tightens up security on its mobile platform.