Other than the vicious hack that is locking up Android devices and demanding $500 in exchange for unlocking the device, there is another Android hack that is lurking. Password protected Android devices are now easily being targeted and hacked without too much energy being expended.
“A security analyst at the University of Texas’s information security office in Austin has discovered that the widespread version 5 of Android is vulnerable to an easy lock-screen-bypass attack,” according to Wired.
“The hack consists of basic steps like entering a long, arbitrary collection of characters into the phone’s Emergency Call dial pad and repeatedly pressing the camera shutter button.”
After gaining access to the device the hackers will be able to exploit apps as well as explore the data on the affected devices. There is also a developer mode that can be accessed by the hack which attackers could further use to install malicious software on to the mobile devices.
“My concern when I found this…was thinking about a malicious state actor or someone else with temporary access to your phone,” said John Gordon of UT.
“If, say, you give your phone to a TSA agent during extended screening, they could take something from it or plant something on it without you knowing.”
Gordon found the bug while idly tapping a combination of elements of the screen of his Android phone. It’s pretty remarkable what can be uncovered through the simplest of actions. Security bugs are a growing concern and the fact that hacks can be stumbled upon mistakingly is pretty alarming.
“Gordon tested the attack only on Nexus devices, but he believes it likely works on other Android devices that use version 5 of the operating system,” according to Wired.
“He reported the issue to Google in late June, and Google issued a patch for the problem last month. But given Android’s problem of depending on carriers to push out patches to devices, Gordon believes that most of the affected phones remain vulnerable for now.”
So, Android users may want to be a little more careful about who accesses their devices, especially after the hack has be made public.
Read the full story.