Skip to main content
  1. Home
  2. Mobile
  3. Android
  4. News

About 50 million Android devices are still vulnerable to the Heartbleed Bug

Christian Brazil Bautista
By
hacking team tools government hack smartphones heartbleed phone smartphone mobile v2

Android users may be more susceptible to the Heartbleed Bug than previously thought. According to data from The Guardian, around 50 million Android smartphones are vulnerable to the OpenSSL bug. The data was based on a Google announcement published on April 9, which read: “All versions of Android are immune to CVE-2014-0160, with the limited exception of Android 4.1.1…” CVE-2014-0160 refers to the Heartbleed Bug. According to analytics firm Chitika, the number of smartphones worldwide that run on Android Jelly Bean 4.1.1 is estimated at around 50 million, and 4 million of those are in the United States.

Around 50 million Android handsets are vulnerable, and 4 million are in the United States.

“Over that seven-day time period (April 7-13), Android 4.1.1 users generated 19 percent of total North American Android 4.1 Web traffic, with users of version 4.1.2 generating an 81 percent share,” said Chitika. To put the numbers in perspective, an earlier report from Chitika said that Android 4.1 users generated 25.4 percent of Android Web traffic in North America. When referenced with ComScore data that pegged the number of Android users in the U.S. at 85 million, the number of vulnerable handsets in the U.S. comes to 4 million. 

While the figure represents a small fraction of Android users, the total number of handsets affected is staggering. There’s also a possibility that more phones are vulnerable. Google has not given concrete numbers as to how many Android phones are affected. But in an email to Digital Trends, Google representatives estimated “use of Android 4.1.1 to be at single digit percentages,” which could mean that anywhere from 20 to 100+ million devices are affected.

Android phones running Jelly Bean can be hacked using a method called “reverse Heartbleed.” This means that a malicious server could use the OpenSSL vulnerability to lift data from the phone’s browser such as past sessions and logins. So far, the risk remains theoretical.  

Android phones seem to be most affected by the Heartbleed Bug. Apple does not use the affected version of OpenSSL on its iPhones, and Microsoft said that Windows Phone has not been affected. 

If your phone is still running on Android 4.1.1, you can check if you’re vulnerable using the Lookout app, which you can download here. We’ve also posted a list of apps that have been affected, which you can check out here for added security.

Editors' Recommendations

Video-editing app LumaFusion to get a Galaxy Tab S8 launch
A tablet featuring the LumaFusion video editing app.
Apple rolls out iOS 16 update to fix frustrating camera-shake, paste bugs
iPhone 14 Pro gets iOS 16.0.2 update.
Samsung’s new rugged phone and tablet tout 5G and 5 years of updates
Samsung Galaxy Tab Active 4 Pro and Galaxy XCover 6 Pro.
The best gaming tablets for 2022
New Apple Ipad Mini Gaming.
Your guide to the best e-book readers for 2022
Kindle Oasis (2019) Review
Does the iPhone 14 have a 120Hz display?
Someone holding an iPhone 14, showing the Lock Screen.
How to transfer WhatsApp messages from Android to iPhone
Two phones on a table next to each other. One is showing the WhatsApp logo, and the other is running the WhatsApp application.
Best cheap Fitbit deals for September 2022
fitbit versa review version 1522045407 full 19
The Uber hack is an outrageous tale of a teen hacking for fun
An Uber cab
The best Samsung Galaxy S22 screen protectors for 2022
The Samsung Galaxy S22 in hand.
LG’s doomed Rollable phone appears on video to show us what we missed
LG Rollable front, midway through unfolding.
How to transfer your SIM and phone number to an iPhone 14
eSIM page on the iPhone 14.
Amazon’s new Fire HD 8 tablets run faster, last longer, and start at $100
amazon fire hd 8 2022 tablet news plus