Norton Halt exploit defender (com.symantec.android.nfr) on Google Play
Norton Halt is a first responder app designed for your Android smartphone that alerts you about the latest, breaking security vulnerabilities and exploits, including the Stagefright vulnerability, Apache Cordova vulnerability, Android Fake ID vulnerability, and other issues. Vulnerabilities like these threaten your device and personal information by allowing attackers to bypass system permissions, inject malicious code, and install unauthorized apps. FEATURES• Checks whether your device has Stagefright vulnerability• Checks for browsers that are vulnerable to Same Origin Policy Security Bypass• Scans for apps that use vulnerable versions of the Apache Cordova toolkit• Lets you know whether your device has the Fake ID vulnerability• Scans your phone to detect MasterKey vulnerability and the Obad Trojan virus • Prevents multiple lock screen bypass exploits• Detects Exynos 4 exploit and USSD code attacks • Blocks unauthorized USSD code requests and stops the dialer from executing USSD codes• Updated periodically to help protect against threats and vulnerabilities that can expose personal data and financial information. WHAT IS THE STAGEFRIGHT VULNERABILITY?Stagefright vulnerability is a remotely exploitable software defect that affects the Android operating system, it allows an attacker to perform arbitrary operations on the victim device through remote code execution and privilege elevation. WHAT IS THE ANDROID BROWSER SAME ORIGIN POLICY SECURITY BYPASS VULNERABILITY?The issue allows an attacker to bypass the same origin policy in the Android Open Source Project (AOSP) browser by convincing a user to visit a malicious website. Once the bug is exploited, the attacker could view any Web page open on other windows on the AOSP browser. The attacker could also steal a copy of the user’s session cookie and hijack the user's session, which could allow the attacker to gain access to the user's email account, for example. WHAT IS THE APACHE CORDOVA VULNERABILITY?Apache Cordova is a widely used toolkit that allows developers to build apps using HTML, CSS, and JavaScript. Many Android apps, especially banking apps, are open to attack due to a vulnerability in the Apache Cordova platform. This vulnerability can be used to remotely extract user’s information, including login credentials. Later versions of the Apache Cordova patches the bugs. WHAT IS THE FAKE ID VULNERABILITY?Fake ID is a vulnerability in the Android OS that allows malicious apps to break out of a key security sandbox and gain access to parts of the Android OS that are usually out of bounds to most apps. These apps “fake” certain Android credentials to gain access other apps on the device and steal users’ personal information (passwords, financial information, etc.). WHAT IS THE MASTER KEY EXPLOIT?MasterKey malware hijacks installed apps to turn them in to malicious Trojans that can access personal information on the device. Infected devices can be used to steal user data or to create a mobile botnet. WHAT IS THE LOCK SCREEN BYPASS EXPLOIT?Variations of this exploit allows attackers to gain full access to your device by bypassing the PIN/password/pattern lock screen. WHAT IS THE OBAD EXPLOIT?The Obad exploit injects malicious code into existing apps, to extend the app’s permissions and steal your personal information, usually sending the data via SMS. WHAT IS THE USSD EXPLOIT?The USSD codes exploit has the potential to initiate a complete wipe of data on your phone and SIM card. --------------------------------------------------TRUST NORTON BY SYMANTECFounded in 1982, Symantec has more than 20,000 employees in more than 50 countries, has provided leading security, backup, and availability solutions. PRIVACY POLICYSymantec respects your privacy and promises to carefully safeguard your personal data.For more information: http://www.norton.com/mobile-privacy-policy