The
text messages that land up in Android phone
inbox should be watched carefully. A major security vulnerability has left a billion
phones vulnerable to get hacked in the Android operating by a plain and simple
text message. The Threat Intelligence arm of Check Point Software Technologies
Ltd, Check Point Research has revealed that there is a security flaw in
Samsung, Huawei, LG, Sony and other Android-based phones that leaves users
vulnerable to advanced phishing attacks. The hack works by making use of the
over the air (OTA) that mobile network operators use to update new phones
joining their network also known as an OMA CP message. According to the
Researches this method involves limited authentication method. Therefore, this
route can be exploited by hackers or someone working remotely to pose as a
network operator that have just connected to and send a deceptive OMA CP
message to Android phones. The message then can tricks into accepting malicious
settings by users that would start to route the phone’s incoming and outgoing
Internet traffic through a proxy server owned by the hacker. It could not be
recognized by android phone users what is happening, and the hacker can access
the data in the phone. Certain Samsung phones are the most vulnerable to this form
of phishing attack determined Researchers, because they do not have an
authenticity check for senders of OMA CP messages. The Check Point Research
says that, the user only needs to accept the CP and the malicious software will
be installed without the need to prove sender’s identity. Phones made by
Huawei, LG, and Sony do have a form of authentication, but the hackers need only
the International Mobile Subscriber Identity (IMSI) of the recipient’s phone to
‘confirm’ their identity. To get hands on phone’s IMSI details is not difficult
for attackers this can be done by creating a rogue Android app that reads a
phone’s IMSI once installed or simply bypass the need for an IMSI by sending
the user a text message posing as the network operator and asking them to
accept a pin-protected OMA CP message. If the user accepts the OMA CP message
entering the provided PIN number, the CP can be installed without an IMSI. This
critical vulnerability must be addressed for the popularity of Android devices.
0 Comments