Got an Android phone? BEWARE: Security experts find flaw that lets hackers take over your phone - and find out where you live
comments
Android smartphone owners are being warned about a vulnerability spotted in the advert libraries used by popular apps.
These libraries, which are used across apps to show adverts on the device, can be exploited by hackers to take complete control of Android phones and tablets - even if they're running antivirus software.
This means hackers can take photos, record videos, send text messages and access the phone's clipboard - and from this they can determine the user's location, and even passwords.
Scroll down for video
The vulnerability was found in the ad libraries used on popular Android apps (selection pictured) by researchers from California-based Fireye. Hackers can exploit this flaw to move traffic from the ad server to their own, and once they have the device attached to their server, they can take control of the phone
The vulnerability was discovered by researchers Yulong Zhang and Tao Wei from security firm Fireye.
They analysed 73,000 popular apps from Google Play with more than 50,000 downloads, and identiļ¬ed 93 ad libraries.
The vulnerability isn't with the apps themselves, but the ad libraries used via the Android software.
The hacker begins by exploiting the flaw in the code of Android ad libraries and uses it to push traffic from the advertiser's server to their own 'attack' server.
Once the phone is running on the attack server, the hacker can generate fake messages to appear each time a selected app is opened, for example.
During a demonstration video, Rob Rachwald, senior director of corporate communications used a Samsung Galaxy S4, running Android 4.4.2, loaded with antivirus software, including Kaspersky.
He explained that within the attack server, the hacker can choose which permissions to grant themselves, such as taking photos, recording audio and video, send text messages, upload the clipboard, and make calls.
This attack, in theory, could run when any app the hacker selects to target is opened.
Opening the infected app generates a fake message, which then grants permission for the hacker to control the device.
Depending on the permissions the hacker is requesting, this means they can take a photo using the phone's camera, for example.
This reveals photographic clues about the user's home or office, for example, and the data in the photo filename can also reveal their GPS co-ordinates.
The same applies for videos recorded on the phone, in secret.
Depending on the permissions the hacker is requesting, this means they can take a photo using the phone's camera. The photo filenames can also reveal the GPS co-ordinates of the user (pictured). During a demonstration Fireye used a Samsung Galaxy S4, running Android 4.4.2, loaded with antivirus software
Taking control of the clipboard is significant, continued Rachwald, because it can be used to store passwords, as well as all the applications that appear on the target's phone.
This helps the attacker to know what applications the user has, and they can use the passwords they've obtained to try and access all the applications in this list.
It can also send messages and calls.
The researchers notified Google, ad vendors and app developers about related issues earlier this year, but said there are still 'millions of users under the threat of Sidewinder Targeted Attacks.'
Users are advised to be cautious when clicking and agreeing to messages that appear on their phones when opening apps.
Put the internet to work for you.
0 comments:
Post a Comment