Category: General|Aug 31, 2024 | Author: Admin

Some Android smartphones have been found to contain a hidden security vulnerability

Share on

Some Android smartphones have been found to contain a hidden security vulnerability that could allow remote access to user data, alarming cybersecurity experts and leading to a halt in the use of these devices by a major intelligence contractor, The Washington Post reports.

Some Android smartphones have been found to contain a hidden security vulnerability

The vulnerability, identified by the security firm iVerify, involves a pre-installed application known as Showcase.apk, which, though dormant by default, can be activated to potentially allow unauthorized remote access to the devices. The Showcase.apk application was discovered within certain models of Android phones, including Google Pixel devices.

 

According to iVerify, the application appears to have been designed for use in retail environments, allowing employees to demonstrate the device's features to customers. However, researchers found that when activated, the application could connect to a server via an unsecured "http" connection, making it vulnerable to interception by cybercriminals. This flaw could enable attackers to execute code remotely, potentially injecting malicious code or spyware and gaining access to sensitive data stored on the device.

 

Palantir Technologies, a data analysis platform vendor that often works with government agencies and other security-sensitive clients, expressed grave concerns about the implications of this vulnerability. The company has ceased the use of Android phones for their employees as a result.

 

The presence of this vulnerability on Pixel devices is particularly notable since they are known for receiving timely security updates directly from Google. Google has now announced that it will issue an update to remove the Showcase.apk application from all supported Pixel devices. Distributors of other Android phones will also be officially notified of the issue.

Sponsored Ads:

Comments:


city-lights-008-02-25.png

Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers

Category: Microsoft|Feb 8, 2025 | Author: Admin
cloudflare-07-02-25.png

Cloudflare outage caused by botched blocking of phishing URL

Category: IT|Feb 7, 2025 | Author: Admin
windows-blue-background-06-02-25.png

New Microsoft script updates Windows media with bootkit malware fixes

Category: Microsoft|Feb 6, 2025 | Author: Admin
Microsoft_Office-05-02-25.png

This Microsoft Office Standalone license deal comes with AI improvements

Category: Microsoft|Feb 5, 2025 | Author: Admin
7-zip-red-bright-04-02-25.png

7-Zip MotW bypass exploited in zero-day attacks against Ukraine

Category: IT|Feb 4, 2025 | Author: Admin
Microsoft_Defender-03-02-25.jpg

Microsoft kills off Defender 'Privacy Protection' VPN feature

Category: Microsoft|Feb 3, 2025 | Author: Admin
back-pypi-02-02-25.png

PyPI adds project archiving system to stop malicious updates

Category: IT|Feb 2, 2025 | Author: Admin
ai-cybersecurity-hacker-01-02-25.png

Google says hackers abuse Gemini AI to empower their attacks

Category: IT|Feb 1, 2025 | Author: Admin
Chromium-headpic-31-01-25.png

Microsoft improves text contrast for all Windows Chromium browsers

Category: Microsoft|Jan 31, 2025 | Author: Admin
Google_Chrome-30-01-25.png

New Syncjacking attack hijacks devices using Chrome extensions

Category: Google|Jan 30, 2025 | Author: Admin
Google-Chrome-29-01-25.png

Google to kill Chrome Sync on older Chrome browser versions

Category: Google|Jan 29, 2025 | Author: Admin
Microsoft-28-01-25.png

Microsoft gives OpenAI some breathing room

Category: Microsoft|Jan 28, 2025 | Author: Admin
Windows-11-27-01-25.png

Windows 11 24H2 preview brings new taskbar features

Category: Microsoft|Jan 27, 2025 | Author: Admin
paypal-26-01-25.png

PayPal to pay $2 million settlement over 2022 data breach

Category: IT|Jan 26, 2025 | Author: Admin
zyxel-25-01-25.png

Zyxel warns of bad signature update causing firewall boot loops

Category: IT|Jan 25, 2025 | Author: Admin
more