Skip to main content
  1. Home
  2. Mobile
  3. News

A two-year-old security flaw could give hijackers root access to your Android phone

By

Google Marshmallow
Image used with permission by copyright holder
Google warns that hijackers could get root access to your Android phone from an application using a security flaw that was first discovered two years ago.

Background

The flaw is part of the Linux Kernel, which is what Android is built on. It was actually fixed in April 2014, but it wasn’t flagged as a vulnerability at the time. Later in February 2015, the security implications were discovered, and it subsequently received the CVE-2015-1805 identifier. Even so, it wasn’t an issue for Android devices since it wasn’t ported to the Android software.

Recommended Videos

However, last month the CoRE Team found that this vulnerability could be exploited by hackers to achieve root on Android devices. A hacker with root access to your device would acquire superuser access, which is more control than even you or other third-party apps have. They would be able to access and modify all system files.

CoRE notified Google of the exploit and the company started working on a patch that would be included in a future security update. Unfortunately Google couldn’t work fast enough, as Zimperium, the security team who uncovered the Stagefright hack, told Google the exploit was already in use on a Nexus 5 phone.

This was done through an application in the Play Store that has already been blocked. Google actively blocks apps that attempt to achieve root access, but it’s unclear how long the app was in the wild. Google said in a security advisory, “Google has confirmed the existence of a publicly available rooting application that abuses this vulnerability on Nexus 5 and Nexus 6 to provide the device user with root privileges.”

Google classified this issue with a Critical severity rating, but the application in question wasn’t considered malicious. However, the Critical severity rating means that other hackers could use the same exploit to spread malware.

A patch is on the way

Google already published patches for the flaw in the Android Open Source Project (AOSP) for the 3.4, 3.10 and 3.14 versions of the Android kernel. Version 3.18 and above aren’t vulnerable.

These patches will be included in the April security update for Nexus devices. That’s the good news. The bad news is that Nexus devices only represent a handful of Android devices. It’s up to the manufacturers to issue patches for all the other Android devices around the world.

How to protect yourself

We know that exploits such as these can be scary, but you’re unlikely to fall victim to it if you make sure to download apps only from Google Play since Google will block any apps that use the exploit.

If you must install an app from a third party, make sure Verify Apps is turned on. To do this, open Settings, and find Google. Tap on it, followed by Security. Scroll down to the Verify Apps section and make sure that Scan device for security threats is turned on. Now any third-party apps that you install will be scanned for threats. Verify Apps is a good thing to turn on because it will protect you from all other exploits, not just this one.

If you want to find out if your device has received the patch, head into Settings, and tap on About Phone. Find the heading for the Android security patch level. If it’s April 1, 2016 or newer, you’re all set. If not, you can always contact the manufacturer of your phone and find out when the update will take place.

Editors’ Recommendations

Topics
Robert Nazarian
Robert Nazarian
Former Digital Trends Contributor
Robert Nazarian became a technology enthusiast when his parents bought him a Radio Shack TRS-80 Color. Now his biggest…
Google is launching a powerful new AI app for your Android phone
Google Gemini app on Android.

Remember Bard, Google’s answer to ChatGPT? Well, it is now officially called Gemini. Also, all those fancy AI features that previously went by the name Duet AI have been folded under the Gemini branding. In case you haven’t been following up all the AI development flood, the name is derived from the multi-modal large language model of the same name.

To go with the renaming efforts, Google has launched a standalone Gemini app on Android. Moreover, the Gemini experience is also being made available to iPhone users within the Google app on iOS. But wait, there’s more.

Read more
If you have one of these apps on your Android phone, delete it immediately
The app drawer on the Google Pixel 8 Pro.

The NSO Group raised security alarms this week, and once again, it’s the devastatingly powerful Pegasus malware that was deployed in Jordan to spy on journalists and activists. While that’s a high-profile case that entailed Apple filing a lawsuit against NSO Group, there’s a whole world of seemingly innocuous Android apps that are harvesting sensitive data from an average person’s phone.
The security experts at ESET have spotted at least 12 Android apps, most of which are disguised as chat apps, that actually plant a Trojan on the phone and then steal details such as call logs and messages, remotely gain control of the camera, and even extract chat details from end-to-end encrypted platforms such as WhatsApp.
The apps in question are YohooTalk, TikTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let’s Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat. Needless to say, if you have any of these apps installed on your devices, delete them immediately.
Notably, six of these apps were available on the Google Play Store, raising the risk stakes as users flock here, putting their faith in the security protocols put in place by Google. A remote access trojan (RAT) named Vajra Spy is at the center of these app's espionage activities.

A chat app doing serious damage

Read more
How to use Android Recovery Mode to fix your phone or tablet
Pixel 3 recovery mode

Here's an unfun scenario: You've got one of the best Android phones or tablets, but things aren't working right. Typical virus scans and other troubleshooting fixes aren't working. It is time to use recovery mode. This mode allows you to reboot your system and get a fresh start without any viruses or other issues that were potentially causing you trouble.

Unfortunately, there's no one standard way to get into Recovery Mode. In other words, Samsung Galaxy phones and HTC phones have different pathways into the modes. Luckily for you, however, we have the most complete guide to entering Recovery Mode and you should be able to figure out how to get in on just about any device using the steps below.

Read more