Hackers are taking advantage of a 0-day vulnerability that enables hacking Android phones
https://newsstechh.blogspot.com/2019/10/hackers-are-taking-advantage-of-0-day.html
Hackers are taking advantage of a 0-day vulnerability that enables hacking Android phones
A hacker is exploiting a 0-day vulnerability that hacks Android phones and can give them full control of at least 18 different phone versions, including four different pixel versions, a Google Project research group member said on Thursday night. .
"There is evidence that the vulnerability is being actively exploited, either by exploiting an Israeli computer security company called NSO or one of its clients," said Maddie Stone, a member of Project Zero Group in a publication. At the same time, representatives of the Israeli company NSO said that "exploitation has nothing to do with NSO."
Exploits require little or no allocation to fully allocate endangered phones. A 0-day vulnerability problem can be exploited in two ways:
(1) When the target installs an untrusted application
(2) for online attacks, by targeting the vulnerability in the code that Chrome uses to render content.
The 0-day vulnerability includes the following phones:
Pixel 1
Pixel 1 XL
Pixel 2
Pixel 2 XL
Huawei P20
Xiaomi Redmi 5A
Xiaomi Redmi Note 5
Xiaomi A1
Oppo A3
Moto Z3
Oreo LG phones
Samsung S7
Samsung S8
Samsung S9
“This problem has been classified as very serious on the Android system and in itself requires the installation of a malicious application for potential exploitation,” wrote Tim Willis, another member of the Project Zero group, citing Android team members.
Google representatives wrote in an email: "Pixel 3 and 3a devices are not susceptible to this problem, and Pixel 1 and 2 devices will be protected by the October security release, which will be delivered in the coming days. In addition, a patch has been provided to partners to ensure that the Android system is protected Of this problem. "
A hacker is exploiting a 0-day vulnerability that hacks Android phones and can give them full control of at least 18 different phone versions, including four different pixel versions, a Google Project research group member said on Thursday night. .
"There is evidence that the vulnerability is being actively exploited, either by exploiting an Israeli computer security company called NSO or one of its clients," said Maddie Stone, a member of Project Zero Group in a publication. At the same time, representatives of the Israeli company NSO said that "exploitation has nothing to do with NSO."
Exploits require little or no allocation to fully allocate endangered phones. A 0-day vulnerability problem can be exploited in two ways:
(1) When the target installs an untrusted application
(2) for online attacks, by targeting the vulnerability in the code that Chrome uses to render content.
The 0-day vulnerability includes the following phones:
Pixel 1
Pixel 1 XL
Pixel 2
Pixel 2 XL
Huawei P20
Xiaomi Redmi 5A
Xiaomi Redmi Note 5
Xiaomi A1
Oppo A3
Moto Z3
Oreo LG phones
Samsung S7
Samsung S8
Samsung S9
“This problem has been classified as very serious on the Android system and in itself requires the installation of a malicious application for potential exploitation,” wrote Tim Willis, another member of the Project Zero group, citing Android team members.
Google representatives wrote in an email: "Pixel 3 and 3a devices are not susceptible to this problem, and Pixel 1 and 2 devices will be protected by the October security release, which will be delivered in the coming days. In addition, a patch has been provided to partners to ensure that the Android system is protected Of this problem. "
