Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Vulnerabilities in Android allow malware to read device information even without permission
A vulnerability in Android allows poisoned applications to pass the request to allow the right to read device information, thereby 'peeking out' more information than allowed, including the ability to help it track equipment location.
Discovered by Nightwatch Cybersecurity, this vulnerability affects every version of Andorid, except the newly released OS is Android 9 or Android Pie.The vulnerability code is CVE-2018-9489 and the possibility is not fixed.
'The vendor will fix the bug on Android P / 9, because it will have to change API a lot, so there are no plans to fix it on previous Android versions.Users should upgrade to Android 9 / P or newer versions, "Nightwatch Cybersecurity said.
With this vulnerability, malicious applications can bypass the level of user information access, read device information, from WiFi network names, IP addresses to DNS server information, MAC address.Researchers warn that it will open the door for malicious behaviors such as tracking device location.
Users only have to update Android Pie if they want to patch this security hole
'The MAC address is unchanged, tied to the device, so it can be used to identify and monitor Android devices even when using a random MAC address.Network name and / or BSSID can be used to locate users by searching on databases such as WiGLE or SkyHook.Other network information can also be used to find out, attack WiFi networks'.
This security vulnerability has been reported to Google since March this year, but has only been overcome by the tech giant on the latest Android version.So the only way to secure your device is to update it to Android Pie.However, this is not easy because most OEMs are still planning to update the OS, maybe a few months away.
See more:
- Phones from 11 manufacturers may be attacked by hidden AT commands
- Fortnite for Android has a security vulnerability
- Millions of Android devices stick with security holes in firmware, hackers can exploit to lock users' machines
Micah SotoYou should read it
- Fortnite for Android has a security vulnerability
- Android apps used by the US military in combat have security holes
- Find security holes on every site with Nikto
- Security vulnerabilities - basic insights
- 9 misconceptions about security and how to resolve
- The malicious video file causes users to lose control of the device 'storming' in the Android world
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
- 5 common errors in managing security vulnerabilities
May be interested
- How to remove malicious software (malware) on Android applications?
on android devices, every time you open the app up you see the popup popup window appear. you cannot close these advertising windows. in this case it is very likely that the ads on your application containing malicious software (malware) can be harmful to your android device. - This new malware can take root of Android smartphonesmalware with the ability to take root of the device is often many times more dangerous than normal malware.
- How to check if your Android phone is infected with Android Gooligan malware?according to reports, every day 13,000 google accounts are infected. read this article to find out how to check if your google account is still safe.
- Fortnite for Android has a security vulnerabilitysecurity experts at google have discovered a security hole in epic games' fortnite game installer. by taking advantage of an application using an external memory system to store data, hackers can invade the device to download and install malware.
- 3 signs that your Android device is attacked by a viruswhich sign shows that android has been attacked by a virus? if your android device encounters these problems, think about the virus immediately and kill the virus.
- Hacker exploited three vulnerabilities in Microsoft Office to spread Zyklon malwaresecurity researchers have discovered a botnet spread of malware through at least three new vulnerabilities published in microsoft office.
- Google said Android is now as secure as Apple's iOSsince android has grown in market share around the world, it has been criticized for being a hideout for spyware, malware and other vulnerabilities that cannot be counted. on the other hand, apple's ios has been confirmed to be relatively safe compared to android. now, google claims that the operating system
- 5 best tools to manage app permissions on Androidhave you ever installed an app and found it suspicious asking for too many unnecessary permissions on the first run?
- Steps to remove malware 9o0gle. combrowser attacker www. 9o0gle. com (aka browsermodifier: win32 / heazycrome! blnk) can be installed on your computer without your permission. it can cause serious problems such as slowing down the speed of browsing on your browser, and can monitor users' online activities to sell personal information to third parties.
- Detecting Android malware can easily steal OTP code without the victim knowingandroid malware can extract and steal one-time passcode (otp) generated through google authenticator application.
Attack the network
- Already have Samsung Internet 9.0 with many upgrade points, invite you to download and experience
- Facebook was attacked, more than 50 million user accounts are at risk of being leaked
- There is a new zero-day vulnerability in Windows
- If you do division by 0 on a computer, what will happen?
- China has at least 10 PoP presence points to hijack the network architecture
- iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1
Already have Samsung Internet 9.0 with many upgrade points, invite you to download and experience
Facebook was attacked, more than 50 million user accounts are at risk of being leaked
There is a new zero-day vulnerability in Windows
If you do division by 0 on a computer, what will happen?
China has at least 10 PoP presence points to hijack the network architecture
iPhone X, iPhone 8 may slow down after upgrading to iOS 12.1