The technique is not complicated at all: the installation information of the rogue application is transferred to the program directory of the targeted system.
The 8.1 version of Microsoft’s mobile OS lets users side-load applications from an SD card. This feature is essential to the hack, which was first detected by a member of the XDA-Developers forum using the alias “djamol”. He explains that the process is quite simple:
- First of all, the malicious application has to be given the same manifest as the legitimate app.
- Then they need to be installed on the targeted device.
- The next step is to replace the files in the program directory of the authentic software with the custom package’s content.
- In the end, the malicious app is supposed to start with the same permissions as the original one.
The whole process was tested by the developer. For the experiment, he used a Lumia device.
According to the same forum post, a registry tool that allows writing registry values with the acquired permissions has been developed as well.
This flaw could enable malicious attacks on Windows Phone users, since the rogue code can be modified to target trusted apps that have access to information cyber criminals want.