Techvia Alliance – Single text message can hack your Android Phone

The text messages that land up in Android phone inbox should be watched carefully. A major security vulnerability has left a billion phones vulnerable to get hacked in the Android operating by a plain and simple text message. The Threat Intelligence arm of Check Point Software Technologies Ltd, Check Point Research has revealed that there is a security flaw in Samsung, Huawei, LG, Sony and other Android-based phones that leaves users vulnerable to advanced phishing attacks. The hack works by making use of the over the air (OTA) that mobile network operators use to update new phones joining their network also known as an OMA CP message. According to the Researches this method involves limited authentication method. Therefore, this route can be exploited by hackers or someone working remotely to pose as a network operator that have just connected to and send a deceptive OMA CP message to Android phones. The message then can tricks into accepting malicious settings by users that would start to route the phone’s incoming and outgoing Internet traffic through a proxy server owned by the hacker. It could not be recognized by android phone users what is happening, and the hacker can access the data in the phone. Certain Samsung phones are the most vulnerable to this form of phishing attack determined Researchers, because they do not have an authenticity check for senders of OMA CP messages. The Check Point Research says that, the user only needs to accept the CP and the malicious software will be installed without the need to prove sender’s identity. Phones made by Huawei, LG, and Sony do have a form of authentication, but the hackers need only the International Mobile Subscriber Identity (IMSI) of the recipient’s phone to ‘confirm’ their identity. To get hands on phone’s IMSI details is not difficult for attackers this can be done by creating a rogue Android app that reads a phone’s IMSI once installed or simply bypass the need for an IMSI by sending the user a text message posing as the network operator and asking them to accept a pin-protected OMA CP message. If the user accepts the OMA CP message entering the provided PIN number, the CP can be installed without an IMSI. This critical vulnerability must be addressed for the popularity of Android devices.