Android devices contain security flaw that lets attackers gain access by using a large password
USING the lockscreen feature on your Android might seem like its keeping your phone secure, but this is not the case.
Researchers at Texas University in Austin have discovered a vulnerability allowing the device to be unlocked by bypassing the lockscreen with a lengthy password.As the bug affects smartphones operating on Google’s Android Lollipop 5.0 and above, 20 per cent of devices worldwide could be at risk.
However, the lockscreen hack will only be troublesome for those with password protected devices, meaning users with pin or pattern unlock have no cause for concern.
Hackers are able to gain access to the phone by typing a large number of characters into the emergency call window of the device before copying them to the Android clipboard.
The hacker then opens the phone’s camera and accesses the options menu at the top of the screen, all while the device is still locked.
This causes a password prompt to appear.
Hackers then continually paste the characters copied earlier as many times as possible until the phone crashes.
“By manipulating a sufficiently large string in the password field when the camera app is active an attacker is able to destabilise the lockscreen, causing it to crash to the home screen,” researchers wrote.
“At this point arbitrary applications can be run or adb developer access can be enabled to gain full access to the device and expose any data contained therein.”
Vulnerable devices will require a software update to fix the issue, however those who don’t want to wait for an update to become available can switch the locking method of their phone to rectify the issue.
Source: News.com.au
Comments
Post a Comment