Date:11/02/19
What's the harm in opening a digital image? Well, Google has uncovered a new method to hack Android smartphones using malicious PNG files.
The problem was disclosed this week in Google's Android security bulletin. A serious flaw in the operating system's framework can let a remote attacker execute computer code on an Android device by using a "specially crafted PNG file," the notice said.
The bulletin is deliberately vague on details, but Google said the issue was the most critical security vulnerability to be addressed on the list. It isn't hard to imagine why; by exploiting the flaw, a hacker could send harmless-looking PNG files to victims over email, a messaging app, or social media that in reality trigger an Android device to download additional malware.
It isn't the first time security research has shown that PNG files can be rigged for dangerous effect. Experts have demonstrated that you can encrypt Android malware inside images as a way to evade antivirus software. A separate app can then read the image file and decrypt it to launch the hidden computer code inside.
The flaw found in Android specifically deals with three vulnerabilities. The good news is that Google has patched the problems with an update to Android. Unfortunately, many third-party device makers can take weeks, if not months, to roll out security patches to their own phones. So you won't be protected until your Android handset receives the 2019 Feb. update.
Still, Google hasn't released technical details of the flaw. That means it won't be easy for anyone to discover the hacking method. The company has also received no reports of anyone exploiting the vulnerability against real users.
New Android Bug Can Let Hackers Attack Phone With PNG Image File
What's the harm in opening a digital image? Well, Google has uncovered a new method to hack Android smartphones using malicious PNG files.The problem was disclosed this week in Google's Android security bulletin. A serious flaw in the operating system's framework can let a remote attacker execute computer code on an Android device by using a "specially crafted PNG file," the notice said.
The bulletin is deliberately vague on details, but Google said the issue was the most critical security vulnerability to be addressed on the list. It isn't hard to imagine why; by exploiting the flaw, a hacker could send harmless-looking PNG files to victims over email, a messaging app, or social media that in reality trigger an Android device to download additional malware.
It isn't the first time security research has shown that PNG files can be rigged for dangerous effect. Experts have demonstrated that you can encrypt Android malware inside images as a way to evade antivirus software. A separate app can then read the image file and decrypt it to launch the hidden computer code inside.
The flaw found in Android specifically deals with three vulnerabilities. The good news is that Google has patched the problems with an update to Android. Unfortunately, many third-party device makers can take weeks, if not months, to roll out security patches to their own phones. So you won't be protected until your Android handset receives the 2019 Feb. update.
Still, Google hasn't released technical details of the flaw. That means it won't be easy for anyone to discover the hacking method. The company has also received no reports of anyone exploiting the vulnerability against real users.
Views: 360
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
