Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers

[Aug 14, 2018]

Nearly all Android phones come with useless applications pre-installed by manufacturers or carriers, usually called bloatware.

Researchers (from mobile security firm Kryptowire at the DEF CON security conference on Friday.) disclosed details of 47 different vulnerabilities deep inside the firmware and default apps (pre-installed and mostly non-removable) of 25 Android handsets that could allow hackers to spy on users and factory reset their devices, putting millions of Android devices at risk of hacking.

At least 11 of those vulnerable smartphones are manufactured by companies including Asus, ZTE, LG, and the Essential Phone, and being distributed by US carriers like Verizon and AT&T.

Other major Android handset brands include Vivo, Sony, Nokia, and Oppo, as well as many smaller manufacturers such as Sky, Leagoo, Plum, Orbic, MXQ, Doogee, Coolpad, and Alcatel.

Some vulnerabilities discovered by researchers could even allow hackers to execute arbitrary commands as the system user, wipe all user data from a device, lock users out of their devices, access device’s microphone and other functions, access all their data, including their emails and messages, read and modify text messages, sending text messages, and more—all without the users’ knowledge.

Cyber Security Tips:

  • Users are recommended to keep theirs phone on Automatic Mode of Update in Settings.
  • Do regularly update all of your Apps in phone from Play Store.

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: