- The flaw stems from a deficiency in an Android tool.
- It affects 77% of mobile devices.
A deficiency detected in the design of an Android tool could allow cybercriminals to capture screenshots or record conversations remotely, without their victims' knowledge, on 77% of mobile devices running this operating system, the security company Check Point warned this Wednesday.
At the end of November, Google had corrected the problem only in Android version 8.0 (Oreo), leaving versions 5.0, 6.0, and 7.0 vulnerable. These versions represent approximately 77.5% of the devices that use this operating system, the security company says in a press release, although it does not specify whether any users have been affected.
An attacker could take advantage of Android's MediaProjection service, a tool for recording sound or taking screenshots, by using a fake-screen tactic to trick the user into giving consent without even knowing it.
Unlike other permission mechanisms in Android, such as access to contacts or location, MediaProjection lacks a specific window for requesting permission. Instead, when an application tries to use it, a different message appears, in a SystemUI pop-up window.
According to Check Point, criminals could use an application to detect when that window is about to appear, display a fake message overlaid on SystemUI, and persuade the victim to give consent without knowing it. Once the user has been deceived, the attacker could record the device's screen and audio, making it the ultimate espionage tool.
The attack could not be carried out completely covertly, since an alert about the recording activity would be displayed in the notification bar, but it is likely that most users would not associate it with a threat. Although experts acknowledge that Google has made a "significant" effort to put an end to the screen-overlay tactic, it remains a cybercriminal technique that still allows users to be misled in order to obtain their credentials.
December 27, 2017