YIBADA

New Android Exploit Uses Single Chrome Link To Hijack Smartphone

| Nov 14, 2015 05:45 AM EST

It is reported that a new Android Exploit can completely hack customers’ security system.

Hackers have reportedly discovered an exploit in the Chrome app for Android that creates a security vulnerability for nearly every Android version running on the newest Chrome. A security researcher used a Nexus 6 smartphone to demonstrate the security compromise to a panel at the PacSec conference in Tokyo on November 11, Wednesday. The hack uses one Chrome link via JavaScript v8 to hijack administrative access of the victim's mobile phone.

Researcher Guang Gong showed the security hole at the conference's MobilePwn2Own. Full details of the hack attack were not released in order to keep the chance of cybercriminals using the Chrome exploit low.   

PacSec organizer Dragos Ruiu explained that the security exploit was rare. The reason is that it involved one shot instead of many vulnerabilities.

Immediately after a smartphone accessed the site, the JavaScript vulnerability in the Chrome app installed a random application, according to Engadget. The hacker could then take control of the phone.

Android users should thus consider purchasing all their apps from Google Play. They should also keep their eyes peeled for any updates about Android phone exploits and patches.

Google has been informed about the bug. Gong won a free trip to the 2016 CanSecWest security conference, and Google will likely also pay a cash reward for information about the Android phone hack, according to BGR.

The search giant's security team has surely started working on a security patch. Its smartphones have recently become open to many hack attacks. In July the cybersecurity company Zimperium discovered an exploit affecting about 950 million Android phones worldwide, which used one text message to infect phones.

Related News

Most Popular

EDITOR'S PICK