A dangerous Android Security Bug Which May Hack Your Phone Camera

Android Security Bug

Experts have sometimes warned about the vulnerabilities or susceptibilities which affect Google or Samsung Smartphones. It might allow the attackers to control the camera app of a device to remotely record videos, take photos or even scout on the conversations or location of a user. The faults were discovered by the Checkmarx security research team that initially start researching the Google Camera app in a Pixel 2XL and Pixel 3 at the time of discovering multiple liabilities.

Checkmarx dug also found that these similar liabilities also affect the camera app of the Samsung and also some other Smartphones as well.

  • Simjaker attack may impact a billion of Smartphones.
  • Some Smartphones of LG and Samsung are at risk from Qualcomm Security flaw.
  • Also, inspect the most effective android antivirus apps.

The senior security researcher and also the director of the security research at the company explained how they were able to use a rouge app for gaining control of the Google Camera app in a blog post. After many analyses, the team members realized that an attacker may control the app to take photos or to record videos through a rouge application by manipulating some specific intents or actions. Apart from that, the team also found some attack scenarios which enabled the malicious actors to avoid many storage permission policies. It was also giving them access to the stored photos or videos and also the GPS metadata embedded in photos to locate the users by taking videos or a photo or to locate the users by taking a photo or video and parsing the proper EXIF data. The same technology also applied to the camera app of Samsung.

Camera App Liabilities

In order to utilize these obligations, the team found in the Google Camera App that Checkmarx developed a malicious application as a proof of concept exploit. The team created a weather app that did not need any special permissions apart from basic storage access which is common permission requested by many other apps on the Google Play Store. 

Apart from the weather app, he also set up a command and a control server which the app connects to carry out the command of the attacker. Once the app is done with its installation,  and then it has been opened on a user’s device. It creates a never-ending connection to the command and the control server to wait for the upcoming instructions.

In case, if a user wants to stop the app, it will still be connected to the server and an attacker could command to take videos, photos or to record audios or videos from voice calls, capture GPS tags from photos to access the data present on the device. All the photos or videos taken by the app which could be uploaded to the server. The concept developed by Checkmark which would even allow an attacker to take photos, record videos, can be used if the smartphone was locked.

Both Samsung and Google have issued for the vulnerabilities to prevent falling victim for a similar attack. For these issues, users should update their devices to the latest version of android to make sure that the latest security patches have been applied as well as updated their camera app. You should protect your devices with the best antivirus software.

 

Read More Article: Firefox Preview For Android

Related tags

About author


Related Posts

Samsung Chromebook 3: Everything You Need to Know

by Rashika Chauhan 7 hours ago
Samsung Chromebook 3

Samsung has revealed its new gadgets i.e. Samsung Chromebook 3 which is powered by a Celeron Dual-Core Processor. It is one of the cheapest and extremely portable among all the laptops.

Huawei MateBook D 14 And MateBook D 15 Laptops With 10th Gen Intel

by Neha Gupta 1 day ago
Huawei MateBook D 14 and MateBook D 15 Laptops

Huawei has launched a series of laptops in Chine i.e. MateBook D 14 and MateBook D 15. The specifications and price of both laptops are quite similar.

Apple iPhone 12 Rumors: Everything We Know So Far

by Amit 4 days ago
iPhone 12

Apple is planned to add a new Smartphone in its series with more additional features. It is expected to come in the year 2020.

How To Download Youtube Videos In Mobile

by Abhipsha Panda 7 days ago
Youtube Videos

YouTube also provides some useful tools to download videos on your mobile, or laptop. There are some third-party app also available to do it.

Mirrorless vs DSLR Cameras: Key Differences

by Amit 8 days ago
Mirrorless Vs DSLR Cameras

Here, in this article, it has explained about the difference between DSLR and mirrorless cameras. These are a little bit similarities in their features and name is the only difference.

A dangerous Android Security Bug Which May Hack Your Phone Camera

by Neha Gupta 10 days ago
Android Security Bug

There is a dangerous Android security bug that could impact your phone cameras. These camera app vulnerabilities allow hackers to take photos or videos remotely.

menu
menu