If you look at the recent vulnerability discovered on Android called “Android Class Loading Hijacking”, it is very similar to the DLL hijacking attacks on Windows, which have been an age-old way to run malicious code. A detailed analysis of this recent vulnerability can be found here. There are multiple ways to exploit such a vulnerability: by overwriting the code that the loader is using from an insecure location, or by replacing the stored critical personal data and hence making a legitimate application do malicious stuff.
The promise of simplicity
If you look at the big promise of Android over Linux as a mobile OS, it has been the simplicity of writing great apps, and this is clearly visible in all the Android introduction presentations from Google. If developers start to really believe in this simplicity without understanding the intricacies of where to store data, where to load code from, and how to secure these locations, then we will have pretty-looking applications that can be exploited with ease.
How will this evolve?
Given that Android is getting such widespread adoption on all kinds of devices, the security technologies will evolve in a very similar manner as in the Windows world, starting with A/V technologies and then moving towards behavior-based technologies and others. This latest vulnerability can easily be prevented from being exploited with a whitelisting-like technology, as in the Windows world.
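An app can apply the same whitelisting idea to its own code loading. The sketch below is an added example, not code from the analysis referenced above; it assumes the app loads a plugin through `DexClassLoader`, and the class name `VerifiedDexLoader`, the file name `plugin.jar` and the pinned hash value are hypothetical placeholders.

```java
import android.content.Context;
import dalvik.system.DexClassLoader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public final class VerifiedDexLoader {
    // Placeholder: lowercase hex SHA-256 of the trusted plugin, pinned at build time.
    private static final String EXPECTED_SHA256 = "<sha256-of-trusted-plugin>";

    /** Copies a file from an untrusted location into app-private storage and
     *  loads the private copy only if its hash matches the pinned value. */
    public static ClassLoader load(Context ctx, File untrusted)
            throws IOException, NoSuchAlgorithmException {
        File privateDir = ctx.getDir("verified_dex", Context.MODE_PRIVATE);
        File privateCopy = new File(privateDir, "plugin.jar");
        privateCopy.delete(); // drop any stale copy from an earlier run
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        // Hash while copying, so the bytes verified are the bytes loaded later.
        try (InputStream in = new DigestInputStream(new FileInputStream(untrusted), md);
             OutputStream out = new FileOutputStream(privateCopy)) {
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) != -1) out.write(buf, 0, n);
        }
        if (!EXPECTED_SHA256.equals(toHex(md.digest()))) {
            privateCopy.delete();
            throw new SecurityException("code not on allowlist: " + untrusted);
        }
        privateCopy.setReadOnly(); // newer Android releases require read-only dex files
        // Optimized output also goes to a private directory, never shared storage.
        File optDir = ctx.getDir("odex", Context.MODE_PRIVATE);
        return new DexClassLoader(privateCopy.getAbsolutePath(),
                optDir.getAbsolutePath(), null, ctx.getClassLoader());
    }

    private static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }
}
```

Both paths handed to the loader sit in directories only the app can write to, so another app on the device cannot overwrite the code between verification and loading.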