Security researchers have discovered a flaw in Android that can allow malicious people to use the camera on your smartphone and record images without your knowledge.
The cybersecurity company Checkmarx has published an article in which it describes a major Android vulnerability. With it, malicious people are able to take control of your camera and record images on an external server.
An annoying Android vulnerability
As the company says, this technique worked with the Google Pixel 2XL, Pixel 3, as well as Samsung smartphones. The Android OS does not require any special permission to access the phones camera, which means it can take pictures and videos with sound. Images can also be saved to an external server under the control of the hacker.
The researchers developed a malicious application that allowed them to take control of the camera when the camera was locked, the screen was off, or the application was closed.
But that’s not all, because they could also extract GPS data from photos and videos stored in the smartphone. The experts were also able to listen to two-way phone conversations while recording images, which means that the voices of the call recipient and the originator could be recorded.
According to Checkmarx, Google and Samsung have corrected this vulnerability, but it is possible that other smartphones running Android are affected. No other companies were specifically mentioned.
For its part, Google said: “We appreciate that Checkmarx brings this to our attention and works with Google and its Android partners […] The issue was addressed about Google devices impacted through an update of Play Store to Google Camera application in July 2019. A patch has also been made available to all partners. The researchers also indicate that the firm has privately warned other builders so they can fix the problem too.
Samsung indicates that patches have also been released on all smartphones affected by this vulnerability.
I am sorry that this post was not useful for you!
Let me improve this post!
Tell me how i can improve this post?