Thursday, September 22, 2011

Beware Android Users: Hackers can take over your phone

Google's Android operating system (OS) users beware, researchers have found two new vulnerabilities in the OS with one of them reportedly capable of gaining full access to your smartphone.

According to researchers Jon Oberheide and Zach Lanier, the first flaw, which affects all Android devices regardless of OS version, allows the installation of applications without users' approval. Considered as "permission escalation vulnerability," it affects all Android handsets regardless of the OS version.

The security hole reportedly allows attackers to install "arbitrary applications with arbitrary permissions." This means, once implemented, a hacker can install anything he wants to, accessing your data such as call records, texts, Web browsing history and media.

The second flaw affects only Samsung Nexus S handsets. It allows hackers to gain root access and then gain full control over the handset.

Over the past few months, there have also been several reports of Android phone users being hit with malware that sends text messages, makes calls to premium numbers and leaks personal information about the user.

Earlier in August, CA researcher Dinesh Venkatesan revealed information about an Android trojan that was reportedly capable of recording conversation. According to Venkatesan, the trojan recorded conversation after a user clicked on the install button on a message that appeared almost identical to the application's installation screen.