Another day, another Android security bug.
A security researcher has discovered a gaping security hole in Android that leaves users extremely vulnerable to attackers remote hijacking their devices and executing arbitrary code in a single attack.
Quihoo 360 researcher Guang Gong demonstrated his exploit at MobilePwn2Own at the PacSec conference in Tokyo. Gong did not reveal the details of the exploit to prevent malicious individuals from taking advantage of the information. However, he did say the exploit targets the JavaScript v8 engine, and users can easily fall prey to attackers by opening links to malicious websites.
The demonstration revealed Google’s own Nexus 6 with Android 6.0 Marshmallow and running on Project Fi is vulnerable to the attack. His demonstration showed Gong successfully installing an arbitrary app, specifically BMX Bike, on a Nexus 6 without physically interacting with the device. For the full article click here
from hacker samurai http://ift.tt/1MhjGaz
via IFTTT
No comments:
Post a Comment