Android devices can be fatally hacked by malicious Wi-Fi networks

So, what do you all say? Let's go back to the old school rotary phones and just call it a day.

A broad array of Android phones are vulnerable to attacks that use booby-trapped Wi-Fi signals to achieve full device takeover, a researcher has demonstrated.

The vulnerability resides in a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices. Apple patched the vulnerability with Monday's release of iOS 10.3.1. "An attacker within range may be able to execute arbitrary code on the Wi-Fi chip," Apple's accompanying advisory warned. In a highly detailed blog post published Tuesday, the Google Project Zero researcher who discovered the flaw said it allowed the execution of malicious code on a fully updated 6P "by Wi-Fi proximity alone, requiring no user interaction."

Google is in the process of releasing an update in its April security bulletin. The fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible. Company representatives didn't respond to an e-mail seeking comment for this post.

The proof-of-concept exploit developed by Project Zero researcher Gal Beniamini uses Wi-Fi frames that contain irregular values. The values, in turn, cause the firmware running on Broadcom's wireless system-on-chip to overflow its stack. By using the frames to target timers responsible for carrying out regularly occurring events such as performing scans for adjacent networks, Beniamini managed to overwrite specific regions of device memory with arbitrary shellcode. Beniamini's code does nothing more than write a benign value to a specific memory address. Attackers could obviously exploit the same series of flaws to surreptitiously execute malicious code on vulnerable devices within range of a rogue access point. 

Read more - click here.

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Remote Server Administration Tools for Windows 10
    Written by

    Da Boss!

    Remote Server Administration Tools for Windows 10 Download away!
    Read more...
  • How to make use of (Microsoft) Edge’s nifty reading features
    Written by

    Da Boss!

    How to make use of (Microsoft) Edge’s nifty reading features Not a fan of the Edge browser myself but a…
    Read more...
  • Whats new in Windows 10 Bash/WSL & Windows Console
    Written by

    Da Boss!

    Whats new in Windows 10 Bash/WSL & Windows Console I love how Microsoft is embracing Open Source with Windows 10.…
    Read more...
  • Activision announces 'Call Of Duty: World War II'
    Written by

    Da Boss!

    Activision announces 'Call Of Duty: World War II' So, it seems we are headed back to WW II…
    Read more...
  • WD Purple 1TB Surveillance Hard Disk Drive - 39.99 - WOOT Deal
    Written by

    Da Boss!

    WD Purple 1TB Surveillance Hard Disk Drive - 39.99 - WOOT Deal Only 15 hours left so if you want one you…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.