Chrome Zero-day Exploit leaves MILLIONS of Android devices vulnerable to Remote Hacking

/
0 Comments
Image result for Chrome Zero-day Exploit leaves MILLIONS of Android devices vulnerable to Remote Hacking

Chrome Zero-day Exploit leaves MILLIONS of Android devices vulnerable to Remote Hacking

Hackers have found a new way to hack your Android smartphone and remotely gain total control of it, even if your device is running the most up-to-date version of the Android operating system.

Security researcher Guang Gong recently discovered a critical zero-day exploit in the latest version of Chrome for Android that allows an attacker to gain full administrative access to the victim's phone and works on every version of Android OS.

The exploit leverages a vulnerability in JavaScript v8 engine, which comes pre-installed on almost all (Millions) modern and updated Android phones.

All the attacker needs to do is tricking a victim to visit a website that contains malicious exploit code from Chrome browser.

Once the victim accessed the site, the vulnerability in Chrome is exploited to install any malware application without user interaction, allowing hackers to gain remotely full control of the victim’s phone.

This Chrome for Android zero-day exploit was practically demonstrated by Gong in a hacking contest MobilePwn2Own during the 2015 PacSec conference in Tokyo.

Complete technical details on the exploit are not available yet, but the researcher has already alerted Google to the bug, and the company is expected to pay out a sizeable bug bounty for the exploit.


You may also like

No comments:

Powered by Blogger.