Phones using Viber can be attacked
A vulnerability can be exploited by bad guys and gain complete control of Android phones that install the Viber application even though the device is locked.
A vulnerability can be exploited by bad guys and gain complete control of Android phones that install the Viber application even though the device is locked.
Assault hijacking test of an Android smartphone installed Viber, targeted attack phone (left) and victim phone (right)
The hijacking attack test of an Android smartphone installs Viber
Error discovered and announced by Bkav, a security company, and alerted to security magazines and websites around the world in the past week.
According to Bkav, exploiting vulnerabilities in Viber to bypass lockscreen of Android phones is very simple , although for each model of exploiting method there is a little difference. Specifically, hackers only need to manipulate some of the popup messages (windows) of Viber's new messages in combination with some small tricks such as using the phone's Notification Bar to send Viber messages to victims. It is possible to fully access the device and use all applications and features on the phone like the owner of the device.
Mr. Nguyen Minh Duc, director of network security division of Bkav analyzed: 'The way Viber handles popup messages to take out the lock screen is not a normal way. It leads to uncontrollable programming logic and a vulnerability. The danger of this kind of vulnerability is that bad guys can install eavesdropping software, spy on their phones or steal data that users don't know about. '
In PC Magazine (pcmag.com, USA), Viber representative confirmed the security error and said the company is fixing it.
Viber is an OTT (over-the-top) application for smart mobile phones that allows texting, free phone calls over the Internet. Particularly in the Google Play app store, the number of Viber installers ranges from 50 million to 100 million. Thus, the number of users at risk of being affected by the vulnerability does not stop at 50 million, but can reach hundreds of millions globally. In Vietnam, the number of smartphones that can get this vulnerability is up to nearly 4 million devices (Viber currently has about 4 million users in Vietnam as of March 2013).
While the manufacturer has not released an official patch, Bkav recommends that mobile phones should be separate and not allowed to be used by anyone else. At the same time, users should regularly monitor information to update the patch as soon as it is released.
You should read it
- Viber has successfully overcome the lock screen error on Android
- The new zero-day vulnerability on Windows 10 helps hackers take control of the computer
- Analyze DLL hijacking attacks
- Detecting zero-day vulnerabilities in Internet Explorer helps hackers gain control of the computer
- Detecting vulnerabilities in BitTorrent applications allows hackers to control user computers
- Three critical holes in Linksys routers, hackers can take advantage of hijacking
- The new vulnerability on Intel allows hackers to take control of your computer within 30 seconds
- A serious security error appeared on Android that allowed hackers to control smartphones through a photo
- Detecting extremely serious vulnerabilities that allow hacking iPhone just by sending email, victims who are not open are also attacked
- Many serious vulnerabilities have been discovered that allow attackers to take full control of the 4G router
- How to use Android phone control Sony TV
- TV control applications on the phone
Maybe you are interested
Do not click on strange links or your phone will be hijacked How to install Linux apps on Chromebooks New achievement: TSP chip structure can run 1 million billion operations per second Facebook is testing face detection technology to wipe out fake accounts 4 ways to avoid face recognition online and in public Description of the P2P-Worm.Win32.BlackControl.g template