We recently told you about a security bug that was found inside iOS that would let an attacker get into any iPhone or other iOS devices. Interestingly, that bug was found by the Google Project Zero team which finds security loopholes inside various systems. Google’s Project Zero also gave information about the vulnerability to Apple and the company fixed it quickly as well. Now, the tables have turned and Android devices are found to be vulnerable. There is a security flaw found inside Android devices that will make millions of devices vulnerable to a hack.
According to an estimate, this vulnerability would affect more than a billion Android devices. The report also mentions that Android devices from LG, Samsung, Huawei and Sony might get compromised due to this flaw. This flaw was found out by the security research firm Check Point. Check Point says that just a simple text message is enough for this flaw to gain access to a person’s emails.
Check Point’s security researcher says that “Given the popularity of Android devices, this is a critical vulnerability that must be addressed,”. While Check Point mentions that devices from Huawei, LG, Sony and Samsung might be affected, they are talking in general terms. Reality is that any Android device out there can be affected with this flaw.
In this hack, a technique which mobile operators use to register new users to its network is used who also send a text message. While you join a network, your mobile operator would send you a OMA CP message. Similarly, someone else other than your mobile operator can also send you a same message which this flaw takes advantage of.
Check Point says that “When the user receives an OMA CP message, they have no way to discern whether it is from a trusted source,” “By clicking ‘accept’, they could very well be letting an attacker into their phone.”. The trick here is to not accept the message but that could also be from a trusted source.