27
Jul
agps

Security Researcher Demonstrates GPS Vulnerability That Could Let Hackers Track Users' Location, Take Over Phone

Posted by in News

Over at Black Hat USA 2012, security researcher Ralf-Phillip Weinmann demonstrated a vulnerability in several Android devices that utilized A-GPS to send illicit messages to the device which could, he explained, be used to send a report of the device's location any time an A-GPS message was sent or even be used to gain complete control of the device.

In describing the attack, Weinmann pointed out that, for example, a malicious WiFi network could instruct a phone to relay all future A-GPS requests, even once the device has left the WiFi network's range. This even further drives home the point that you should not join any networks you don't trust.

09
Feb
image

Google Wallet's PIN Verification Cracked (Again), No Root Access Required

Posted by in Android OS, Applications, News
Last Updated: February 13th, 2012

Yesterday, a security firm called zvelo demonstrated a vulnerability within Google Wallet, cracking its PIN verification system using brute force, giving Wallet access to anyone who had the exploit. It was also revealed that the hack only worked on rooted devices, and Google swiftly reported that a fix for the bug was already being worked on.

Adding to Google Wallet's security worries, a new hack was posted online today, claiming to give access to Google Wallet (sans PIN) on non-rooted devices, requiring just a few steps to gain user information (and funds).

The Smartphone Champ reported on the newly-discovered flaw, explaining just how the exploit works:

The security flaw is painfully easy to do and requires no extra software nor does it require root.  All a person who wants to access your Google Wallet has to do is go into the application settings menu and clear the data for the Google Wallet app.  After doing that your Google Wallet app will be reset and will prompt for you to set a new pin the next time you open it.  The problem here is that since Google Wallet is tied to the device itself and not tied to your Google account, that once they set the new pin and log into the app, when they add the Google prepaid card it will add the card that is tied to that device.  In other words, they’d be able to add your card and have full access to your funds.

01
Feb
image

[Public Disclosure] Vulnerability In HTC Android Devices Exposed Wi-Fi Credentials To Apps Which Knew How To Ask (But, Thankfully, Didn't)

Posted by in HTC, News

A serious vulnerability that affected the way some popular HTC Android phones handle 802.1x usernames, passwords, and SSIDs was disclosed publicly today by engineers Chris Hessing and Bret Jordan. The bug allowed applications with only an ACCESS_WIFI_STATE permission to read your Wi-Fi SSIDs, usernames, and, most importantly, passwords on at least the following devices:

  • Desire HD  (both "ace" and "spade" board revisions) - Versions FRG83D, GRI40
  • Glacier - Version FRG83
  • Droid Incredible - Version FRF91
  • Thunderbolt 4G - Version FRG83D
  • Sensation Z710e - Version GRI40
  • Sensation 4G - Version GRI40
  • Desire S - Version GRI40
  • EVO 3D - Version GRI40
  • EVO 4G - Version GRI40

Of course, if a malicious application also happens to have access to the Internet, SMS, or other means of sending out information, credentials could leak out from a vulnerable device to a remote location.

30
Nov
image

Report: Security Vulnerability In Many Android Phones Allows Malicious Apps To Record Audio, Track Location, And More Without User Permission

Posted by in Android OS, News
Last Updated: August 2nd, 2012

According to a group of computer scientists at North Carolina State University, a vulnerability exists within many Android devices that would allow hackers (or malicious apps) to bypass the permissions request process and tap into audio and location, wipe apps and data, or send unauthorized SMS messages, all without the user knowing.

This news may sound a bit sensational, but the researchers have created and tested a dummy app which effectively demonstrates the exploit:

Among the eight phones tested with the researchers' diagnostic app (Woodpecker), HTC's Evo 4G seemed to be the most vulnerable, able to "leak" eight different capabilities to their dummy app, which was not explicitly granted appropriate permissions by the user.

25
Oct
htc-logo

[Updated] Carriers Sending Out An OTA Update To Fix Massive Security Flaw In Several HTC Devices

Posted by in EVO 3D (Shooter), EVO 4G (Supersonic), EVO Design 4G, EVO View 4G, News, Thunderbolt (Mecha)

At the beginning of the month, we broke the news about a huge security vulnerability in several HTC phones, including the Thunderbolt, EVO 3D, EVO 4G, and possibly more. Not long after word of this issue hit the 'net, HTC issued a response acknowledging it, as well as promising to deliver a patch to correct it. Looks like they are making good on that promise now, as several HTC devices are currently receiving an OTA update to correct this vulnerability.

So far, we've confirmed that the EVO 3D, EVO 4G, EVO View 4G, and EVO Design 4G on Sprint are all receiving an OTA update.

15
Oct
image

HTC Security OTA Appearing On European Sensations [Update: And Now The GSM EVO 3D, Too]

Posted by in HTC, Sensation / Sensation 4G (Pyramid)

Originally Posted October 12th.

It's been eleven days since Android Police published this story detailing the discovery by Trevor Eckhart of some serious security issues within HTC's more recent software. Three days after that HTC responded, and now, a further week or so later, we are seeing reports of an "important security update" being pushed to HTC Sensations throughout Europe.

image

Screencap by FG1234 of Android-Hilfe.de

While HTC does not specify exactly what the ~9 MB update addresses, the timing seems right to relate to the preceding story. Besides alluding to some positive-sounding "performance improvements and new features", the update description does not mention any further details, and HTC certainly doesn't dwell on the nature of the security update itself.

04
Oct
image

HTC Acknowledges Data-Exposing Vulnerability In Some Devices, Promises Over-The-Air Patch Shortly

Posted by in HTC, News
Last Updated: October 5th, 2011

HTC acknowledged the vulnerability in some of its devices that Android Police together with Trevor Eckhart posted Saturday night. The privilege escalation vulnerability currently allows a potentially malicious app that uses only the INTERNET permission to connect to HTC's HtcLoggers service and get access to data far exceeding its access rights. This data includes call history, the list of user accounts, including email addresses, SMS data, system logs, GPS data, and more.

HTC added that a software fix is already in the works and will be pushed to affected devices following a brief testing period (hopefully carriers won't end up delaying the OTA roll-out too much due to additional testing and bureaucracies).

01
Oct
image

Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails Addresses, Much More

Posted by in EVO 3D (Shooter), EVO 4G (Supersonic), HTC, News, Thunderbolt (Mecha), Videos
Last Updated: January 17th, 2012

I am quite speechless right now. Justin Case and I have spent all day together with Trevor Eckhart (you may remember him as TrevE of DamageControl and Virus ROMs) looking into Trev's findings deep inside HTC's latest software installed on such phones as EVO 3D, EVO 4G, Thunderbolt, and others.

These results are not pretty. In fact, they expose such ridiculously frivolous doings, which HTC has no one else to blame but itself, that the data-leaking Skype vulnerability Justin found earlier this year pales in comparison. Without further ado, let me break things down.

The Vulnerability

Update 10/4/11: HTC posted a public response promising a patch.

25
Aug
motorola-droid-3-all-sides

Motorola Droid 3 Finally Joins The Rooted Community

Posted by in Droid 3, News

The Droid 3 is the most powerful Droid to date -- its 1Ghz dual-core OMAP processor and Android 2.3.4 make it a speedy and capable device. As with most devices, D3 owners wanted root access in order to take full advantage of all that it had to offer. That day has finally arrived, as the D3 has been rooted by developer drjbliss from the XDA forums.

droid3-root

The rooting process seems to be rather easy, granted you have ADB set up and know how to use it. The vulnerability was found in some proprietary Motorola code that allows specific files to be edited and manipulated into achieving root access.

17
May
26-Android-security

Security Vulnerability In Most Versions Of Android Allows Attackers To Steal Your Login Credentials

Posted by in Android OS, News

Regardless of where you sit in the tech world, there is one thing that affects us all: security vulnerabilities. Unfortunately, our little green robot is no exception this rule, and The Register recently dropped a report on a potentially bad exploit.

Apparently, in Android 2.3.3 and below, there is a vulnerability that would allow attackers to collect digital tokens that are stored on the device after users login to Google Calendar, Facebook, Twitter, and "several other accounts."

Here's how it works: when you login to an account, an authToken is stored locally on your device for 14 days, allowing you to re-access the service without hassle.

Page 1 of 212