Thousands of Android Devices Running Insecure Remote ADB Service
Jun 12, 2018
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge (ADB) is a command-line feature that generally uses for diagnostic and debugging purposes by helping app developers communicate with Android devices remotely to execute commands and, if necessary, completely control a device. Usually, developers connect to ADB service installed on Android devices using a USB cable, but it is also possible to use ADB wirelessly by enabling a daemon server at TCP port 5555 on the device. If left enabled, unauthorized remote attackers can scan the Internet to find a list of insecure Android devices running ADB debug interface over port 5555, remotely access them with highest "root" privileges, and then silently install malware without any authentication. Therefore, vendors are recommended to make...
