A vulnerability in the Linux kernel could leave approximately 80% of all Android devices susceptible to an attack. The bug allows attackers to terminate internet connections, and malicious code can be inserted into un-encrypted connections. The security researchers at Lookout discovered that this attack is different than most, as the attacker can create a direct connection to the victim. Most other similar attacks require that the network be compromised before the traffic can be intercepted.
The bug was found starting in Linux version 3.6, which has been a part of Android since the KitKat days. Using a report by Statista, Lookout estimated the total number of Android devices affected to be roughly 1.4 billion, or 80% of all Android devices.
Ars Technica outlined how the attack would happen:
To make the attack work, the adversary must first spend about 10 seconds to test whether two specific parties—say a known Android user and USA Today—are connected. It then takes another 45 seconds or so to inject malicious content into their traffic. The time required probably makes it impractical to carry out opportunistic attacks that hit large numbers of people. Still, the technique appears well suited for targeted attacks, in which the adversary—say, a stalker or a nation-backed surveillance agency—is attempting to infect or spy on a specific individual, especially when the hacker knows some of the sites frequented by the target.
They also outlined a pretty simple use case that would still likely net quite a few victims. By sending a prompt telling a user that they’ve been logged out of an account and asking them to then log back in, the attacker could steal any credentials entered by the user into the fraudulent login screen. At that point the attack turns into a bit of a phishing attack, though with a very specific target.
In a statement provided to Ars, Google advised that they are aware of the issue and are taking “appropriate actions,” but were quick to point out that it is a bug in the Linux kernel, and is not Android specific. They further advised that on their overall risk-tracking this issue rates “moderate.” If Google engineers are working on it, hopefully we’ll see a fix in place in the Android Nougat release, if not sooner.
What do you think about the ever-expanding methods for attackers to steal our personal data? Let us know all about it in the comment section below, or on Google+, Facebook, or Twitter.