nexus-6-review-display-8

There are many who support Android’s open ecosystem while others express concerns related to malware and security vulnerabilities that can put millions of people at risk. It’s not like Google isn’t doing enough to ensure that Android users are safe but when has that ever stopped hackers from trying to find a way in. A new flaw has been discovered in Android which can allow hackers to break into the device by just sending one text message to the intended target.

Joshua Drake, a researcher at Zimperium, explains that to exploit this flaw a hacker will create a short video and hide the malware inside it and will then text the video to the target’s number. As soon as the text is received the vulnerability is triggered because it just requires the initial processing to become active.

Hangouts automatically processes video so that it’s readily available for the user in the device’s gallery, this means that the malicious code can break into the device without the user actually opening the text. They might not even give a second thought about opening that text but the code would have already entered the device by then.

Zimperium points out that Google has been implementing fixes but it’s not going to be enough due to Android’s open nature, even if this flaw is patched the update would probably only reach about 20 percent of all Android users out there estimates Drake. The rest will have to wait for their manufacturers and carriers to approve the update first before it arrives, which means they’ll be vulnerable until then.

There is a temporary fix though, stop using Hangouts as the default texting app. Many reputable third-party texting apps are available that don’t automatically download a video until the user opens the text. At least this gives them enough time to delete a message without opening it if it’s from an unknown number.

Filed in Cellphones. Read more about Android and malware.

User Comments