Technology with attitude

Vulnerability in Chrome for Android Puts Millions at Risk of Hackers

0

There is a new vulnerability in Chrome for Android and the disturbing part of it is that hackers have a way of exploiting it.

According to the latest reports, the discovered critical exploit can be used by hackers to compromise almost every Android version that is running on the latest edition of Chrome mobile browser.

Google’s Chrome is preinstalled on each and every recent Android device, apart from those being sold in China, which means that an awfully huge number of those using this open-source OS are in potential trouble.

How it works

It is very easy for the hackers to take advantage of this scenario. All they need is for you to open a link that contains the malicious code and in so doing, you will be granting the hacker full control of your handset. What this means is that the hacker can easily download apps on your phone, make phone calls and do lots of other things without the need of your permission or interaction.

Even though this vulnerability has already been made public, it is yet to go viral and as such, there is some reason for you to feel a little less concerned.

This discovery was made by Guang Gong, a member of Quihoo360 software security research team, and revealed to the MobilePwn2Own panel during the PacSec conference held in Tokyo. The exploit includes the exploitation of V8 JavaScript engine, which is just about the entire technical information we know about this vulnerability. Gong chose not to share detailed information about this exploit in the event, only mentioning that the discovery is 3 months of work.

Google is working on a solution

Gong’s work seems to have paid off as the Tokyo-held conference was also attended by a Google security team member. This information is already in Mountain View, something that might attract a bug bounty for the person who discovered the hitch.

With the information already in Google’s headquarters, it is safe to think that a fix to patch this exploit is already under development. The good side of the story is that since this is affecting Chrome browser, there won’t be any need for approval from manufacturers and carriers as it is always with Android OS OTA updates. The update will be availed directly via the Play Store.

Staying safe with Chrome

There is no doubt that this information is scaring off some people from using Chrome. Well, don’t be, but keep in mind that opening any simple link is capable of remotely granting hackers full access to your handset. Thus, always make sure that you know the links you tap to open on your phone.