A serious vulnerability affecting Google and Samsung smartphones, with the potential to impact hundreds of millions of Android users, was recently confirmed, according to a story in Forbes.
Researchers discovered that hackers could take control of a smartphone user’s camera apps and remotely take photos, record video, spy on your conversations by recording them as a person lifts the phone to their ear and identify their location.
“When the Checkmarx security research team began researching the Google Camera app, on the Pixel 2XL and Pixel 3 smartphones that were to hand, they found several vulnerabilities,” Forbes reported.
“Our team found a way of manipulating specific actions and intents,” Erez Yalon, director of security research at Checkmarx said, “making it possible for any application, without specific permissions, to control the Google Camera app. This same technique also applied to Samsung’s Camera app.”
The implications of these vulnerabilities, given the footprint of Google and Samsung smartphones alone, presents a significant threat to hundreds of millions of users.
Checkmarx explained its findings in detail in a post titled “How Attackers Could Hijack Your Android Camera to Spy on You.”
Some media reported that Google said it has fixed the problem–but not for everyone.
“Researchers have disclosed a high-severity issue that could allow attackers to hijack the Google Camera App, the built-in smartphone camera for Android phones,” reported threatpost.
“The issue was fixed for Google-manufactured phones in July – but Google said patches are still rolling out to smartphones in the broader Android ecosystem, including to Samsung phones,” reported threatpost.
In a story published in The Crime Report, a new report was revealed in Journal of Cyber Policy saying that our cellphones, whether they are iPhones or Galaxy S9s, are listening to us and transmitting the data they hear. So are objects that include the Apple Watch, the Samsung Smart TV 9000, the Samsung Smart Dishwasher, and even the My Friend Cayla Doll.
All of these devices, analyzed in the report, are putting Americans under intense surveillance through the use of microphones, cameras, barometers, proximity sensors, ambient sensors, thermometers, Bluetooth, GPS location, and even heart rate monitors, concluded the report “Enabling Mass Surveillance: Data Aggregation in the Age of Big Data and the Internet of Things.”
The report was written by Marie-Helen Maras and Adam Scott Wandt, professors at the John Jay College of Criminal Justice.