Almost 1.4 billion Android users are at risk of hijacking due to this Linux vulnerability

A linux vulnerability with version 3.6 leaves almost 80 per cent Android smartphones at the risk of hijacking

By: Tech Desk | Updated: August 16, 2016 8:55:30 pm
A linux vulnerability with version 3.6 leaves almost 80 per cent Android smartphones at the risk of hijacking A Linux vulnerability with version 3.6 leaves almost 80 per cent Android smartphones at the risk of hijacking

Almost 1.4 billion Android smartphone users are affected by a Linux vulnerability discovered recently. The vulnerability allows attackers to spy on people using unencrypted connections or inject malicious code into encrypted connections, states a blog post by researchers from mobile security firm Lookout.

The Linux vulnerability is applicable on all Android smartphones running Android 4.4 KitKat or higher. The Linux vulnerability also attacks the latest Android 7.0 Nougat developer beta. The security researchers at Lookout note the patch for Linux kernel was authored on July 11, 2016 and the latest developer preview of Android Nougat doesn’t seem to be patched against this flaw.

The security flaw was first found in version 3.6 of the Linux operating system kernel. The version 3.6 was introduced in 2012, reports ArsTechnica. ArsTechnica’s report adds Google is already aware of this flaw and its engineers are taking appropriate actions.

Linux security flaw basically attacks the transport control protocol (TCP) connection whenever a user establishes a long-lived internet connection. The Lookout security report says if the connection is found unencrypted, the attackers can inject malicious code into the traffic. The worst part of the attack is the fact the flaw leaves even encrypted connections at the risk of being terminated.

ArsTechnica further adds that it takes only 10 seconds for an attacker to monitor the connection and another 45 seconds to inject the malicious code into their traffic. The technique seems apt for targeted attacks, and not opportunistic ones.

Also Read: QuadRooter vulnerability leaves 900 mn Qualcomm-powered Android phones at risk

Recently, researchers at Checkpoint confirmed that nearly 900 million Android smartphones powered by Qualcomm chipsets are at the risk of root access due to Quadrooter vulnerability. The vulnerability only affects smartphones running Qualcomm processors, and there is little a user can do to protect against these flaws. Android smartphones are also under constant threat from vulnerabilities like Stagefright.

For all the latest Technology News, download Indian Express App

Share your thoughts
Advertisement
Advertisement