The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: how to hack android

Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone

Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone

September 24, 2020Ravie Lakshmanan
Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a  critical vulnerability  in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. What's more worrisome is that the flaw not only lets attackers perform actions on behalf of the user within the Instagram app—including spying on victim's private messages and even deleting or posting photos from their accounts—but also execute arbitrary code on the device. According to an  advisory  published by Facebook, the heap overflow security issue (tracked as CVE-2020-1895 , CVSS score: 7.8) impacts all versions of the Instagram app prior to 128.0.0.26.128, which was released on February 10 earlier this year. "This [flaw] turns the device into a tool for spying on targeted users without their knowledge, as well as enabling
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild

New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild

October 04, 2019Mohit Kumar
Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world's most widely used mobile operating system, Android. What's more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, to gain control of their targets' Android devices. Discovered by Project Zero researcher Maddie Stone, the details and a proof-of-concept exploit for the high-severity security vulnerability, tracked as CVE-2019-2215, has been made public today—just seven days after reporting it to the Android security team. The zero-day is a use-after-free vulnerability in the Android kernel's binder driver that can allow a local privileged attacker or an app to escalate their privileges to gain root access to a vulnerable device and potentially take full remote control of the device. Vulnerable Android D
Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp

Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp

October 03, 2019Swati Khandelwal
A picture is worth a thousand words, but a GIF is worth a thousand pictures. Today, the short looping clips, GIFs are everywhere—on your social media, on your message boards, on your chats, helping users perfectly express their emotions, making people laugh, and reliving a highlight. But what if an innocent-looking GIF greeting with Good morning, Happy Birthday, or Merry Christmas message hacks your smartphone? Well, not a theoretical idea anymore. WhatsApp has recently patched a critical security vulnerability in its app for Android, which remained unpatched for at least 3 months after being discovered, and if exploited, could have allowed remote hackers to compromise Android devices and potentially steal files and chat messages. WhatsApp Remote Code Execution Vulnerability The vulnerability, tracked as CVE-2019-11932 , is a double-free memory corruption bug that doesn't actually reside in the WhatsApp code itself, but in an open-source GIF image parsing library th
Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely

Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely

March 26, 2019Swati Khandelwal
Beware! If you are using UC Browser on your smartphones, you should consider uninstalling it immediately. Why? Because the China-made UC Browser contains a "questionable" ability that could be exploited by remote attackers to automatically download and execute code on your Android devices. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than 500 million users worldwide. According to a new report published today by Dr. Web firm, since at least 2016, UC Browser for Android has a "hidden" feature that allows the company to anytime download new libraries and modules from its servers and install them on users' mobile devices. Pushing Malicious UC Browser Plug-ins Using MiTM Attack What's worrisome? It turns out that the reported feature downloads new plugins from the company server over insecure HTTP protocol instead of encrypted HTTPS proto
Severe Flaws in SHAREit Android App Let Hackers Steal Your Files

Severe Flaws in SHAREit Android App Let Hackers Steal Your Files

February 27, 2019Swati Khandelwal
Security researchers have discovered two high-severity vulnerabilities in the SHAREit Android app that could allow attackers to bypass device authentication mechanism and steal files containing sensitive from a victim's device. With over 1.5 billion users worldwide, SHAREit is a popular file sharing application for Android, iOS, Windows and Mac that has been designed to help people share video, music, files, and apps across various devices. With more than 500 million users, the SHAREit Android app was found vulnerable to a file transfer application's authentication bypass flaw and an arbitrary file download vulnerability, according to a blog post RedForce researchers shared with The Hacker News. The vulnerabilities were initially discovered over a year back in December 2017 and fixed in March 2018, but the researchers decided not to disclose their details until Monday "given the impact of the vulnerability, its big attack surface and ease of exploitation."
First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

February 11, 2019Swati Khandelwal
A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a " Clipper ," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging to attackers, ESET researcher Lukas Stefanko explained in a blog post . Since cryptocurrency wallet addresses are made up of long strings of characters for security reasons, users usually prefer copying and pasting the wallet addresses using the clipboard over typing them out. The newly discovered clipper malware, dubbed Android/Clipper.C by ESET, took advantage of this behavior to steal users cryptocurrency. To do this, attackers first tricked users into installing the malicious app that impersonated a legitimate cryptocurrency service called MetaMask , claiming to let users
Android Phones Can Get Hacked Just by Looking at a PNG Image

Android Phones Can Get Hacked Just by Looking at a PNG Image

February 06, 2019Swati Khandelwal
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google's mobile operating system, ranging from Android 7.0 Nougat to its current Android 9.0 Pie. The vulnerabilities, identified as CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988, have been patched in Android Open Source Project (AOSP) by Google as part of its February Android Security Updates . However, since not every handset manufacturer rolls out security patches every month, it's difficult to determine if your Android device will get these security patches anytime sooner. Although Google engineers have not yet revealed any technical details explaining the vulnerabilities, t
Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

October 25, 2018Mohit Kumar
When it comes to security updates, Android is a real mess. Even after Google timely rolls out security patches for its Android platform, a major part of the Android ecosystem remains exposed to hackers because device manufacturers do not deliver patches regularly and on a timely basis to their customers. To deal with this issue, Google at its I/O Developer Conference May 2018 revealed the company's plan to update its OEM agreements that would require Android device manufacturers to roll out at least security updates regularly. Now, a leaked, unverified copy of a new contract between Google and OEMs obtained by The Verge reveals some terms of the agreement that device manufacturers have to comply with or otherwise they have to lose their Google certification for upcoming Android devices. Google's New Terms for Android Security Updates According to the leaked contract, Android OEMs will now be required to regularly roll out security updates for popular devices—lau
Powerful Android and iOS Spyware Found Deployed in 45 Countries

Powerful Android and iOS Spyware Found Deployed in 45 Countries

September 18, 2018Swati Khandelwal
One of the world's most dangerous Android and iPhone spyware program has been found deployed against targets across 45 countries around the world over the last two years, a new report from Citizen Lab revealed. The infamous spyware, dubbed Pegasus, is developed by NSO Group—an Israeli company which is mostly known for selling high-tech surveillance tools capable of remotely cracking into iPhones and Android devices to intelligence agencies around the world. Pegasus is NSO Group's most powerful creation that has been designed to hack iPhone, Android, and other mobile devices remotely, allowing an attacker to access an incredible amount of data on a target victim, including text messages, calendar entries, emails, WhatsApp messages, user's location, microphone, and camera—all without the victim's knowledge. Pegasus has previously been used to target human rights activists and journalists, from Mexico to the United Arab Emirates . Just last month, The Hacker New
New Man-in-the-Disk attack leaves millions of Android phones vulnerable

New Man-in-the-Disk attack leaves millions of Android phones vulnerable

August 14, 2018Swati Khandelwal
Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk , the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data, which if tampered could result in code injection in the privileged context of the targeted application. It should be noted that apps on the Android operating system can store its resources on the device in two locations—internal storage and external storage. Google itself offers guidelines to Android application developers urging them to use internal storage, which is an isolated space allocated to each application protected using Android's built-in sandbox, to store their sensitive files or data. However, researchers found that many popular apps—including Google Translate
Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers

Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers

August 13, 2018Swati Khandelwal
Bought a new Android phone? What if I say your brand new smartphone can be hacked remotely? Nearly all Android phones come with useless applications pre-installed by manufacturers or carriers, usually called bloatware, and there's nothing you can do if any of them has a backdoor built-in—even if you're careful about avoiding sketchy apps. That's exactly what security researchers from mobile security firm Kryptowire demonstrated at the DEF CON security conference on Friday. Researchers disclosed details of 47 different vulnerabilities deep inside the firmware and default apps (pre-installed and mostly non-removable) of 25 Android handsets that could allow hackers to spy on users and factory reset their devices, putting millions of Android devices at risk of hacking. At least 11 of those vulnerable smartphones are manufactured by companies including Asus, ZTE, LG, and the Essential Phone, and being distributed by US carriers like Verizon and AT&T. Other majo
RAMpage Attack Explained—Exploiting RowHammer On Android Again!

RAMpage Attack Explained—Exploiting RowHammer On Android Again!

June 29, 2018Mohit Kumar
A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage , the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim's device to take advantage from the previously disclosed Drammer attack , a variant of DRAM Rowhammer  hardware vulnerability for Android devices, in an attempt to gain root privileges on the target device. You might have already read a few articles about RAMpage on the Internet or even the research paper, but if you are still unable to understand— what the heck is RAMpage —we have briefed the research in language everyone can understand. Before jumping directly on the details of RAMpage, it is important for you to understand what is RowHammer vulnerability, how it can be exploited using Drammer attack to hack Android devices and what mitigations G
OnePlus 6 Flaw Allows to Boot Any Image Even With Locked Bootloader

OnePlus 6 Flaw Allows to Boot Any Image Even With Locked Bootloader

June 11, 2018Mohit Kumar
Have you recently bought a OnePlus 6? Don't leave your phone unattended. A serious vulnerability has been discovered in the OnePlus 6 bootloader that makes it possible for someone to boot arbitrary or modified images to take full admin control of your phone—even if the bootloader is locked. A bootloader is part of the phone's built-in firmware and locking it down stops users from replacing or modifying the phone's operating system with any uncertified third-party ROMs, ensuring the system boots into the right operating system. Discovered by security researcher Jason Donenfeld of Edge Security , the bootloader on OnePlus 6 is not entirely locked, allowing anyone to flash any modified boot image on to the handset and take full control of your phone. In a video demonstration, Donenfeld showed how it is possible for an attacker with physical access to OnePlus 6 to boot any malicious image using the ADB tool's fastboot command, giving the attacker complete control ove
GLitch: New 'Rowhammer' Attack Can Remotely Hijack Android Phones

GLitch: New 'Rowhammer' Attack Can Remotely Hijack Android Phones

May 04, 2018Swati Khandelwal
For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch , the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones. Rowhammer is a problem with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing anyone to change the value of contents stored in computer memory. Known since at least 2012, the issue was first exploited by Google's Project Zero researchers in early 2015, when they pulled off remote Rowhammer attacks on computers running Windows and Linux. Last year, a team of researchers in the VUSec Lab at Vrije Universiteit Amsterdam demonstrated that the Rowhammer technique could
Popular Android Phone Manufacturers Caught Lying About Security Updates

Popular Android Phone Manufacturers Caught Lying About Security Updates

April 13, 2018Mohit Kumar
Android ecosystem is highly broken when it comes to security, and device manufacturers (better known as OEMs) make it even worse by not providing critical patches in time. According to a new study, most Android vendors have been lying to users about security updates and telling customers that their smartphones are running the latest updates. In other words, most smartphone manufacturers including big players like Samsung, Xiaomi, OnePlus, Sony, HTC, LG, and Huawei are not delivering you every critical security patch they're supposed to, a study by Karsten Nohl and Jakob Lell of German security firm Security Research Labs (SRL) revealed. Nohl and Lell examined the firmware of 1,200 smartphones from over a dozen vendors, for every Android patch released last year, and found that many devices have a "patch gap," leaving parts of the Android ecosystem exposed to hackers. "Sometimes these guys just change the date without installing any patches. Probably for m
Skygofree — Powerful Android Spyware Discovered

Skygofree — Powerful Android Spyware Discovered

January 16, 2018Mohit Kumar
Security researchers have unveiled one of the most powerful and highly advanced Android spyware tools that give hackers full control of infected devices remotely. Dubbed Skygofree , the Android spyware has been designed for targeted surveillance, and it is believed to have been targeting a large number of users for the past four years. Since 2014, the Skygofree implant has gained several novel features previously unseen in the wild, according to a new report published by Russian cybersecurity firm Kaspersky Labs. The 'remarkable new features' include location-based audio recording using device's microphone, the use of Android Accessibility Services to steal WhatsApp messages, and the ability to connect infected devices to malicious Wi-Fi networks controlled by attackers. Skygofree is being distributed through fake web pages mimicking leading mobile network operators, most of which have been registered by the attackers since 2015—the year when the distribution ca
Android Flaw Lets Hackers Inject Malware Into Apps Without Altering Signatures

Android Flaw Lets Hackers Inject Malware Into Apps Without Altering Signatures

December 09, 2017Mohit Kumar
Millions of Android devices are at serious risk of a newly disclosed critical vulnerability that allows attackers to secretly overwrite legitimate applications installed on your smartphone with their malicious versions. Dubbed Janus , the vulnerability allows attackers to modify the code of Android apps without affecting their signature verification certificates, eventually allowing them to distribute malicious update for the legitimate apps, which looks and works same as the original apps. The vulnerability ( CVE-2017-13156 ) was discovered and reported to Google by security researchers from mobile security firm GuardSquare this summer and has been patched by Google, among four dozen vulnerabilities, as part of its December Android Security Bulletin . However, the worrisome part is that majority of Android users would not receive these patches for next few month, until their device manufacturers (OEMs) release custom updates for them, apparently leaving a large number of sma
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.