Android flaw could allow hackers to turn on camera, wipe device


INDIANAPOLIS — Cyber-security experts are calling a newly revealed Android flaw “likely the biggest ever discovered.” The flaw could allow hackers to wipe your Android device or even secretly turn on the camera.

New research suggests nearly a billion Android phones are capable of being hacked simply by receiving a picture via text. It affects 95-percent of the Androids in use today and you don’t even have to open the message for the malware to download.

That’s because of the way Android phones analyze incoming text messages. Even before you open a text, the phone automatically processes incoming media files, including pictures, audio, and video. Once that happens, the bug allows hackers to take full control of all device functions, including access to apps, the camera, and even wiping the device clean.

In a statement to CNN, Google acknowledged the flaw. It assured that Android has ways of limiting a hacker’s access to separate apps and phone functions. Yet hackers have been able to overcome these limitations in the past.

Zimperium, the company that identified the flaw, says it told Google about it in April and even provided a fix. The company says Google responded the very next day, assuring a patch was on the way.

A 90-day grace period is typical for issues like this, but Zimperium says 110 days have now passed, so they’re going public with the issue.

Google told CNN that it has sent a fix to it’s partners, but it’s unclear the message is getting out to users.

The problem is Apple can instantly push out updates to all iPhones if an issue ever arises, but Google can’t do that. Google has to work with their phone carriers, like AT&T and Verizon, and the makers of the devices, like Samsung, in order to reach users.

Longtime hacker and cyber-security expert Chris Wysopal told CNN “I’m interested to see if Google comes up with a way to update devices remotely. Unless they can do that, we have a big disaster on our hands.”

WSLS 10 may allow you to upload, post, transmit or otherwise provide content to WSLS 10, including, but not limited to, photos, video, audio, comments, articles, blogs, forums and any other such communication in which you provide content to the Web site ("User Content"). You agree that you are solely responsible for your communications and any content you provide. Read full terms and conditions of use by clicking here.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s