Millions of Android devices stick with security holes in firmware, hackers can exploit to lock users' machines

Security vulnerabilities in firmware were discovered on Android phones of 4 companies including Asus, Essential, LG and ZTE. Hackers can exploit this vulnerability to hijack the machine or lock the device so that users cannot use their smartphone.

This vulnerability is only exploited when users download an app containing malicious code so temporarily Android phones are not affected very much but still leave high risk to users.

Android's openness allows any third party to edit the source code before installing it on the device. And in the process of re-customizing Android at its sole discretion, most manufacturers lack security attention. Security company Kryptowire thinks this is the cause of the security hole in the firmware.

On Asus ZenFone V Live, hackers can take advantage of this vulnerability to make phone calls, read messages, edit messages, take screenshots, record screen videos, and so on. This vulnerability is developing a patch for users.

With ZTE, this vulnerability on two ZTE Blade Spark and Blade Vantage allows hackers to access SMS, call data, sensitive information.

On LG G6, the error will expose logcat and allow hackers to lock the user's machine. Hackers can delete all information without the user's permission on Essential Phone.

Essentially, Essential has fixed this issue, while LG is still developing a patch to fix it. Some ZTE machines have been patched and others have to wait for updates from the network.

See more:

1. Serious security flaws on Windows 10 allow anyone to log in by voice
2. iPhone and Android smartphone series stick with serious Bluetooth security error
3. In prison, hackers can still steal more than $ 200,000 through a tablet without an Internet connection