Trustlook Releases BadKernel Vulnerability Detector

App Identifies Issue Affecting 100 Million Android Users


SAN JOSE, CA--(Marketwired - August 29, 2016) - Trustlook Inc., an innovator in next-generation mobile device security solutions, has released a new feature in its free Trustlook Mobile Security app that detects BadKernel, the widespread vulnerability affecting millions of Android devices.

First discovered by the 360 Security research team in August 2016, BadKernel is a flaw in the Google Chromium mobile browser framework that spreads as users click on malicious links. Users of older versions of Chromium-powered mobile browsers, as well as applications with embedded Webview (such as the massively popular WeChat app) may be vulnerable. If infected, a user's contacts and text messages could be exposed, as well as any payment passwords.

To determine if their device is vulnerable to this threat, users should open the Trustlook Mobile Security app, navigate to the BadKernel Vulnerability detector on the main screen, and click "Check it Now." If they are exposed, they can update their browser software.

"Since many phones are not using the most current browser software, I expect this zero-day attack will be used widely by hackers," said Allan Zhang, CEO and Co-Founder of Trustlook. "Users should run a quick scan of their phone and update their browser if they are affected."

The BadKernel vulnerability impacts an estimated 100 million Android smartphones and tablets. The flaw involves a bug in the source code of Google's V8 JavaScript Engine, which is a component of the open-source Chromium. An attacker can exploit this flaw to cause key object information leakage.

In order to protect themselves from this vulnerability or any other potential threats, Trustlook suggests users not click on random links or links that appear suspicious. They also stress users keep their apps and OS updated, and continually monitor their device for any potential issues.

To check if your Android device is affected by the BadKernel vulnerability, please download the free Trustlook Mobile Security app.

About Trustlook
Trustlook (www.trustlook.com) is a global leader in next-generation mobile device security with solutions that find more vulnerabilities sooner than any other to provide the industry's smallest vulnerability window. The innovative Trustlook Mobile Security-as-a-Service (MSaaS) cloud platform and Sentinel on-device platform deliver the performance and scalability needed to provide total threat protection against viruses, spyware, phishing, ID theft, data loss, snooping and other forms of attack. Trustlook's solutions protect users from both known and zero-day threats by examining over 20,000 new and updated applications every day for malware and malicious behavior. Founded in 2013, the company is headquartered in San Jose and managed by leading security experts from Palo Alto Networks, FireEye, Google and Yahoo.

Contact Information:

Press Contact:
Joe Sullivan
PR Manager
Trustlook
jsullivan@trustlook.com
408-504-7691