An extremely dangerous vulnerability on Android phones allows bad guys to track users even when the phone is off the screen

Security firm Checkmarx recently announced an extremely dangerous vulnerability on Android phones. They discovered this vulnerability when researching the Google Camera app on Google Pixel 2 XL and Pixel 3 from the summer. Later, Checkmarx found that other camera apps on Android phones were exposed to this vulnerability, posing a threat to hundreds of millions of users.

Security firm Checkmarx said that this serious flaw allows an attacker to secretly record via phone camera without any notice, can mute photos to take pictures without users knowing. .

Especially dangerous is that the bad guy can still perform stealthy behavior even when the phone is off the screen or in lock state.

The flaw also gives attackers the ability to listen to conversations and record audio, access memory cards on phones, library videos, and GPS data of photos. Even if authorized by the user, an attacker can upload photos and videos from the phone to a remote server.

Checkmarx has reported this vulnerability to Google and Samsung since July. Google acknowledged the problem and provided an update to the Google Camera app on the Play Store in July 2019. Its partners also received a patch. .

In late August, Samsung also confirmed its phone had a similar problem.

Currently, to overcome Android users the only way is to upgrade the phone to the latest operating system version.

• Warning: Google Chrome is experiencing serious security errors, patch updates right away
• Detecting 2 extremely serious security holes in rConfig, no patch yet