Android Device Can Be hacked By Knowing Your Phone number: See How
Android Device Can Be hacked By Knowing Your Phone number: See How
Certain Android phones can be remotely hacked, according to a Google warning, without the intended victim having to do anything.
If an attack is successful, the hacker could gain access to data passing via the widely used Samsung Exynos chipsets, snatching up call and text message data.
ALSO, READ An Easy Guide On How To Recover A Hacked WhatsApp Account On Android
And what information about you would a hacker need to target your phone?
Your contact info.
I’m done now. They only require the phone number associated with your Android handset.
That is very abhorrent. It’s simple to picture how such a security flaw could be taken advantage of by, like, I dunno, state-sponsored hackers.
Android Device Can Be hacked By Knowing Your Phone number
The built-in Exynos modem in some phones has a total of 18 zero-day vulnerabilities, according to security experts from Google’s Project Zero team, with four of them being extremely severe:
ALSO, READ How To Protect Your Cell Phone Accounts From Hackers
Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.
According to the researchers, the other vulnerabilities require either a malicious mobile network operator or an attacker with physical access to the Android device.
Devices that can be hacked remotely include:
- Samsung smartphones, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series;
- Vivo smartphones, including those in the S16, S15, S6, X70, X60 and X30 series;
- Google Pixel 6 and Pixel 7 devices; and
- any vehicles that use the Exynos Auto T5123 chipset.
It’s important to note that certain smartphones will use the Qualcomm chipset and modem, which don’t have the same security flaws as the Exynos one.
ALSO, READ Privacy And Safety Precautions For Gadget Users 2022
It goes without saying that Google’s Project Zero vulnerability hunters have no qualms about revealing into extensive detail how security gaps can be exploited, and they typically disclose such material 90 days after alerting pertinent software or hardware suppliers of the issue.
Android Device Can Be hacked By Knowing Your Phone number
But, in this instance, Google’s team seems to understand that a public revelation at this point would really result in serious issues:
Under our standard disclosure policy, Project Zero discloses security vulnerabilities to the public a set time after reporting them to a software or hardware vendor. In some rare cases where we have assessed attackers would benefit significantly more than defenders if a vulnerability was disclosed, we have made an exception to our policy and delayed disclosure of that vulnerability.
Due to a very rare combination of level of access these vulnerabilities provide and the speed with which we believe a reliable operational exploit could be crafted, we have decided to make a policy exception to delay disclosure for the four vulnerabilities that allow for Internet-to-baseband remote code execution.
ALSO, READ Hackers Sign Android Malware Apps with Compromised Platform Certificates
If you have an affected Google Pixel device, there’s good news. Google has already issued a security patch for your smartphone with its March 2023 security update.
However, if you’re the owner of a vulnerable Samsung smartphone, fixes still aren’t available according to at least one Google Project Zero researcher.
So what should you do if your device hasn’t been patched?
Google’s recommendation is that you change your device’s settings to switch off Wi-Fi calling and Voice over LTE (VoLTE), until a fix for your smartphone is available.
Be First to Comment