This post was most recently updated on September 9th, 2019
Not too long we experienced the incident of sim swapping attacks that utilizes a loophole in the two-factor authentication process of Android. Now, researchers from Check Point have discovered vulnerabilities in certain Android-based phones including the likes of Samsung, Huawei, Sony, and LG which allows attackers to access your information. The hackers break into android via text through phishing.
Statistics show that vulnerable phones account for 50% of all Android phones. The hacking technology used is called over-the-air (OTA). This technology is commonly used by cellular networks to update network settings on users’ phones. Also, because the technology requires only one entry to complete its operations, its ease of use is widely accepted.
So, how do the hackers break into android via text through phishing?
The picture above is a sample of the message that the hackers send to your phone.
First, when the suspicious setup message appears, people naturally tend to think that they are from legitimate sources. However, due to the industry standards contained in the Open Mobile Alliance Client Configuration (OMA CP) protocol, there is no practical way to verify its source, and this ambiguity is used by attackers for phishing.
Basically, the attacker sends OTP messages that is a replica of the ones from your cellular network. When an unlucky user accepts them, they are basically equivalent to agreeing that the hackers open their processing information channels, and the mobile phone will be hacked in this way.
- Hackers bypassed Galaxy S8 Iris scanner through Photo and a Lens Exploit
- How To Secure/Protect Your SmartPhones Against Attacks From Virus,Hackers or Theft
What Can the Hacker to your Android Once it is Compromised Using this Vulnerability?
Below are some of the settings that an attacker can change after the attack.
- include the browser home page and bookmarks
- mail server
- proxy address, and more. The equipment needed to build such an attack is not expensive, which makes it attractive to a wider range of black hat hackers.
As Check Point said:
“To send OMA CP messages, an attacker needs a GSM modem (a $10 USB dongle or a phone running in modem mode) for sending binary SMS messages, as well as simple scripts or off-the-shelf software for writing OMA CP, this whole process seems to save money.”
What are the Affected Phone Manufacturers Doing About this?
The mobile phone manufacturers mentioned above were informed of the existence of these security vulnerabilities in March. Currently, Samsung and LG released patches in May and July respectively, and Huawei plans to release the patch on the next-generation Mate series or P-series smartphones.
On the other hand, Sony has not yet patched the vulnerability and rejected all modifications based on standard measures. In addition, Check Point researchers successfully tested vulnerabilities on different models, including Huawei P10, Sony Xperia XZ Premium, LG G6 and Samsung Galaxy S9.
It is worth noting that Samsung phones are the most vulnerable among these brands because they have no information authenticity detection mechanism.