A failure of Android allows recording conversations remotely to hackers

A breach of mobile phones with Android operating system allows hackers to record conversations and take screenshots remotely, as it has released the security company Check Point through his blog.

Android, A failure of Android allows recording conversations remotely to hackers,

A failure of Android allows recording conversations remotely to hackers

All this through the MediaProjection service for Android Framework. That is a platform that Google introduced in Android 5.0 for the use of third-party applications. According to the company, this service allows application developers to record the screen of a phone. And even record the audio without the need to have administrator privileges.

A bug that affects 77% of Android users

As revealed by Check Point, Google corrected this problem in version 8.0 of Android (Oreo) last November. However, the bug remains uncorrected in the 5.0 Lollipop, 6.0 Marshmallow, and 7.0 Nougat editions. Therefore, the company estimates that the ruling affects 77.5% of all users who have a mobile phone with the Android operating system.

Android’s vulnerability is based on the technique known as clickjacking. In versions before Android 8.0. Also, MediaProjection lacks a specific window to request permissions such as access to contacts or location. Each time an application tries to use it, a different message appears with the name of the SystemUI popup window. According to the company, through an app, hackers could detect when the SystemUI window is about to seem to show a false message with which to persuade the victim.

The method of cybercriminals to deceive the victim

After detecting the moment in which the SystemUI window will appear. Also, hackers can overlay on the screen a false message granting permission to use the ‘app.’ A malicious hardware that confuses the victim. So, that he gives the rights without even being aware of it. So, once you have accepted the permissions, the cybercriminals can now take screenshots and also record conversations.

Check Point ensures that every time that cybercriminals make screenshots or audio recordings an indicator. That will appear in the notification bar. However, as the company explains, most users “probably do not understand its true meaning.”

Given that Google has not been able to find the solution for the time being. Also, the Check Point has recommended that users bet on advanced security measures capable of detecting. And blocking any attempt to display a false overlay window or perform any malicious activity through the use of dynamic analysis.