Latest News

Your Android Phone Could be Hacked by a Single Text Message
Friday, September 6, 2019 IST
Your Android Phone Could be Hacked by a Single Text Message

That makes it more than a billion Android phones globally, including those made by Samsung and Huawei, which are at the risk of being hacked by text messages.

 
 

As it turns out, you should be wary of the text messages that land up in the inbox in your Android phone. A major security vulnerability in the Android operating system has left a billion phones vulnerable to getting hacked, by a plain and simple text message. Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd. has revealed that there is “a security flaw in Samsung, Huawei, LG, Sony and other Android-based phones that leaves users vulnerable to advanced phishing attacks.”
 
The security firm says that the hack works by making use of the over the air (OTA) method that mobile network operators use to update new phones joining their network, also known as an OMA CP message. Researchers say that this method involves limited authentication methods. Therefore, hackers or someone working remotely can exploit this route to pose as a network operator that you have just connected to and send a deceptive OMA CP message to Android phones. The message can then trick users into accepting malicious settings that would start to route the phone’s incoming and outgoing Internet traffic through a proxy server owned by the hacker. The Android phone user would not realize what is happening, and the data in the phone can be accessed by the hacker.
 
“Researchers determined that certain Samsung phones are the most vulnerable to this form of phishing attack because they do not have an authenticity check for senders of OMA CP messages. The user only needs to accept the CP and the malicious software will be installed without the sender needing to prove their identity,” says Check Point Research.
 
The research also says that phones made by Huawei, LG, and Sony do have a form of authentication, but hackers only need the International Mobile Subscriber Identity (IMSI) of the recipient’s phone to ‘confirm’ their identity. And it is not difficult for attackers to get their hands on a phone’s IMSI details—this can be done by creating a rogue Android app that reads a phone’s IMSI once it is installed or the attacker can simply bypass the need for an IMSI by sending the user a text message posing as the network operator and asking them to accept a pin-protected OMA CP message. If the user then enters the provided PIN number and accepts the OMA CP message, the CP can be installed without an IMSI.
 

 
 

“Given the popularity of Android devices, this is a critical vulnerability that must be addressed,” said Slava Makkaveev, Security Researcher at Check Point Software Technologies. Researchers say Samsung included a fix addressing this phishing flow in their Security Maintenance Release for May (SVE-2019-14073), LG released their fix in July (LVE-SMP-190006), and Huawei is planning to include UI fixes for OMA CP in the next generation of Mate series or P series smartphones. Sony refused to acknowledge the vulnerability, stating that their devices follow the OMA CP specification.

 
 
 
 
 

Related Topics

 
 
 

Trending News & Articles

 Article
How to make you car as silent as a Rolls Royce inside

Rolls Royce cars are extremely luxurious. While there are many expensive pieces of equipment in Rolls Royce cars, their most relaxing feature is the silence that ...

Recently posted . 3K views . 2 min read
 

 Article
India's Top 5 Mobile Charger manufacturer Brand 2019

The following list of India's Top 5 Mobile Charger manufacture Brand 2019  

Recently posted . 3K views . 0 min read
 

 Article
The Top 5 Best USB/PD Phone Charger in India 2023

View Top 5 Mobile Chargers in India as on 08 Feb 2023. This rundown is compiled according t...

Recently posted . 3K views . 6 min read
 

 Article
Mahindra XUV300 vs Maruti Brezza, Ford EcoSport, Tata Nexon – Price

XUV300 is the latest entrant in the compact SUV segment.

Recently posted . 3K views . 0 min read
 

 
 

More in Electronics & Gadgets

 Article
6 Phone Battery Hacks That'll Save You a Panic Attack When You're Seeing Red

  You’re on the go—maybe at a conference or in transit or en route to a long meeting—when you realize that your phone is at ...

Recently posted. 957 views . 2 min read
 

 Article
Explained: What exactly is happening at Jet Airways

NEW DELHI: The news of Jet Airways telling its employees to take salaries cuts has sent shock waves in the sector. Most airlines are battling chall...

Recently posted. 804 views . 3 min read
 

 Article
Google Bans Chinese App Developer With 600 Million Downloads From Play Store: Report

The app developer claims to have over 250 million active users.

Recently posted. 957 views . 0 min read
 

 Reviews
Honda CB300R vs Bajaj Dominar vs BMW G310R vs KTM Duke 390



Recently posted . 1K views . 35 min read
 

 Reviews
Best Hot Air Heat Guns In India 2018 – Buyer’s guide



Recently posted . 1K views . 93 min read
 

 Article
Flipkart warns of major 'customer disruption' if new India rules are not delayed

New rules bar e-commerce companies from selling products from firms in which they hold an equity interest.  

Recently posted. 769 views . 0 min read
 

 Article
Thanks to Bajaj, KTM will beat Harley Davidson – Become world’s largest premium motorcycle maker

Bajaj Auto aims to produce 5 lakh premium bikes under the KTM and Husqvarna brands at the company plant in Chakan near Pune in the near future.

Recently posted. 1K views . 1 min read
 

 
 
 

   Prashnavali

  Thought of the Day

Just as the sun gently moves the darkness of night out each morning, we too can move from darkness to light each day. Wake up to new life each day, freeing ourself from all things that do not serve us. Let them drift away with the night & fill that space with new hope each morning..Good Morning
Anonymous

Be the first one to comment on this story

Close
Post Comment
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST


ads
Back To Top