Skip to main content

Google Android vulnerability hands over full access to camera, dialler and more

Android smartphone owners are being warned to be on the look out for a vulnerability that lets an attacker gain full access to a device and carry out any actions they want to.

Related: Inherent vulnerabilities pose risk to Android, BlackBerry and Apple devices

FireEye Labs identified the new vulnerability in the new blog and dubbed it a Sidewinder Targeted Attack that can be deployed using a Google smartphone’s ad libs by exploiting popular vulnerabilities.

A video posted by the company explains how it can be used with a Samsung Galaxy S4 running Android 4.2.2 used to show just how the vulnerability can affect Google Android smartphones.

To use the vulnerability the attacker can make a personalised message pop up inside a fake app masquerading as a real app and once the phone owner clicks “OK”, the phone is open to exploitation.

The researcher shows that an attacker can easily take control of any part of the phone including the camera, which then opens up other opportunities when it comes to the location data associated. In the video it shows that the coordinates attached to the photo taken can be pasted into Google Maps and used to narrow down the location to one that is exact.

This is far more worrying when the video feature of the device is used due to the sound attached to it. Using the coordinates it is then possible to record the audio from a given location and the examples given by FireEye Labs are a CEOs office or company boardroom.

One of the even more worrying tools in the attacker’s repertoire is the ability to use the Android clipboard to steal passwords that are attached to it by the OS. When a smartphone user types in a password it automatically shows up on the attacker’s control panel and it then also brings up a list of all the apps used by the phone.

Related: The best Android security apps

Fire Eye notified Google, ad vendors and app developers about related issues over half a year ago and due to the “slow patching/upgrading/fragmentation” of Android, it still thinks that millions of users are under threat.