Google and Samsung smartphone users beware; there seems to be a new vulnerability out there that can potentially impact all the Android users out there and is being called the biggest vulnerability to date.
This vulnerability was brought to attention by Checkmarx’s security team which has been uncovering such big and alarming threats for quite some time now. They have previously uncovered threats covering from that of Alexa by Amazon to the popular dating app Tinder.
So how exactly can this vulnerability be exploited? Well, this vulnerability allows an attacker to take complete control of your smartphone camera apps and remotely use it to snap photos, record video, spy on your text messages, identify your location, and more. All of these tasks can be performed silently, in the background, without the user ever knowing his or her smartphone device has been compromised.
The said vulnerability allows a rogue application to grab input from a smartphone’s camera, microphone, GPS location and much more remotely. These big security implications are the reason Android Open Source Project (AOSP) specifically has made it mandatory for a user to manually approve to enable these actions if and when an application request permission.
What the researchers at Checkmarx did was created an attack scenario that let them bypass these permissions from the Google Camera app. This attack was made possible by creating a ‘malicious’ app that had to gain seemingly common permission which is the storage access on a device. From there on the malicious app was able to do all the damage as mentioned earlier.
So how do Google and Samsung plan to deal with such wide shortcomings in security on their manufactured devices?
A spokesperson from Google said that they highly appreciate the researchers at Checkmarx for bringing the major security flaw to their attention and that Google and Android partners are working together and coordinating to close this issue as quickly as they can. A security patch has already been issued to fix the problem as of now.
Media houses also reached out to Samsung to get a statement regarding this security flaw but were unable to get a response at this moment. However, if you have the latest version of the camera app on your smartphone devices then you are good to go and will be protected from this attack.
The takeaway from this whole situation
We definitely live in a more scarier world with the advent of technological improvements. With newer and more advanced smartphones coming into the marketplace, so are the chances of our data being exploited and misused by these seemingly small flaws in the security with big implications.
We need to make sure we are always well-informed and well-aware of these updates to make sure we are well protected in advance from such attacks that can definitely lead to a lot of damage and harm if goes unchecked. Cybersecurity can no longer be ignored and has to be taken seriously in today’s day and age.
