Almost 3 Million Android Smartphones are vulnerable to code-execution attacks

You are reading a story from PhoneRadar.

Android devices being vulnerable to malware attacks, etc. is nothing new to us. We have seen a lot of reports regarding the same previously, and surely we will keeping getting these threats. On the same lines, what we have today is also something quite threatening. According to the new reports which we have, nearly three million Android smartphones are vulnerable to attacks. Out of the total number of devices, most of the devices are active in the U.S region.

This man-in-the-middle attacks hits the root level and sends device information to a server in China. And not just that, the information is also sent to two other domains which were hard-wired into the firmware of the affected devices. A security firm named BitSight Technologies registered these unregistered domains and controlled them. It has been reported over 2.8 million devices have tried connecting to the domain and download software. If you don’t understand what is going on here, it basically means that the vulnerability could allow the installation of malware on affected handsets.

And all this done in such a way that the owner of the smartphone won’t even know about it. And once it has access to your device, it can potentially install anything else, bug phone calls or even tap the keystrokes to know the passwords, etc. Ironically this is not the first time that we hear news like this, Previously also a similar news broke down where it was reported servers in China are reportedly receiving information from some handsets which include texts, location details, etc.

In the previous reports, a number of devices were also listed which included devices from ZTE, Huawei, BLU, etc. However, all the manufacturer’s listed reports backed saying that they are not aware of any kind of software from such source and also reported that none of their devices were running any software in their lineup. Do make a note that the vulnerability which we have right now has nothing to do with the previous one and this is completely different.

This time, it has been reported over 55 known Android smartphone models tried to send data to the two domains which are now registered and controlled by the company as mentioned earlier. Well, this time as well, out of the 55 known models, 26% were manufactured by BLU. 11% devices were from Infinix, and 8% of them were from Doogee. However, the remaining number of devices that were sending the information didn’t mention anything about where it came from. One thing which we do know is that all these devices came from various sectors including banking, healthcare, etc.

Well, as of now, only BLU came up with a comment on this saying that they will be coming up with an update to fix this issue. Post this fiasco, the Depart of Homeland Security issued a CERT advisory about the vulnerability. They listed three hosts which these affected devices were trying to connect. The devices listed below are the ones that are sending the information and trying to communicate –

• BLU Studio G
• BLU Studio G Plus
• BLU Studio 6.0 HD
• BLU Studio X
• BLU Studio X Plus
• BLU Studio C HD
• Infinix Hot X507
• Infinix Hot 2 X510
• Infinix Zero X506
• Infinix Zero 2 X509
• DOOGEE Voyager 2 DG310
• LEAGOO Lead 5
• LEAGOO Lead 6
• LEAGOO Lead 3i
• LEAGOO Lead 2S
• LEAGOO Alfa 6
• IKU Colorful K45i
• Beeline Pro 2
• XOLO Cube 5.0

Stay tuned for more info on this as we will update once we have more details on the same.

This story appeared first on PhoneRadar. Join the PhoneRadar Forums to discuss, meet experts & share your experiences. We have now launched a Hindi Website for the latest news in Hindi. Click here to read PhoneRadar Hindi