Android devices can be fatally hacked by malicious Wi-Fi networks

So, what do you all say? Let's go back to the old school rotary phones and just call it a day.

A broad array of Android phones are vulnerable to attacks that use booby-trapped Wi-Fi signals to achieve full device takeover, a researcher has demonstrated.

The vulnerability resides in a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices. Apple patched the vulnerability with Monday's release of iOS 10.3.1. "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip," Apple's accompanying advisory warned. In a highly detailed blog post published Tuesday, the Google Project Zero researcher who discovered the flaw said it allowed the execution of malicious code on a fully updated 6P "by Wi-Fi proximity alone, requiring no user interaction."

Google is in the process of releasing an update in its April security bulletin. The fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible. Company representatives didn't respond to an e-mail seeking comment for this post.

The proof-of-concept exploit developed by Project Zero researcher Gal Beniamini uses Wi-Fi frames that contain irregular values. The values, in turn, cause the firmware running on Broadcom's wireless system-on-chip to overflow its stack. By using the frames to target timers responsible for carrying out regularly occurring events such as performing scans for adjacent networks, Beniamini managed to overwrite specific regions of device memory with arbitrary shellcode. Beniamini's code does nothing more than write a benign value to a specific memory address. Attackers could obviously exploit the same series of flaws to surreptitiously execute malicious code on vulnerable devices within range of a rogue access point. 

Read more - click here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • iOS 11 is causing massive battery drain problems
    Written by

    Da Boss!

    iOS 11 is causing massive battery drain problems Sometimes, it's a good thing to just wait for the…
    Read more...
  • Meth found in 7-Up in Mexico
    Written by

    Da Boss!

    Meth found in 7-Up in Mexico Meth in 7-Up. What's next? 
    Read more...
  • ASUS B250 Mining Expert LGA 1151 Motherboard - supports up to 16x GPU, Mining Mode BIOS Optimization
    Written by

    Da Boss!

    ASUS B250 Mining Expert LGA 1151 Motherboard - supports up to 16x GPU, Mining Mode BIOS Optimization Ya know, if I was that into Mining I would…
  • CCleaner for Windows "Hacked" - Hackers Hid Backdoor
    Written by

    Da Boss!

    CCleaner for Windows "Hacked" - Hackers Hid Backdoor Welp...I'm s****! I use CCleaner all the time. So much…
    Read more...
  • Introducing Project “Honolulu”, our new Windows Server management experience
    Written by

    Da Boss!

    Introducing Project “Honolulu”, our new Windows Server management experience This looks pretty cool! I could see myself using it.
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.