Das identified the vulnerability in Android Foreground Services while resolving technical issues while creating an Android application, according to an email from Google Android Security Team.
Google has awarded India's Rony Das for identifying and reporting a problem in the Android Foreground Services that hackers might easily exploit to gain access to personal information. Das, who is from Assam, earned $5,000 (about Rs 3.5 lakh) as a reward from Google for reporting the problem. Das, a cyber security specialist, disclosed the problem to Google in May of this year. Das identified the vulnerability in Android Foreground Services while resolving technical issues while creating an Android application, according to an email from Google Android Security Team.
According to media sources, the Google Android Security Team wrote to Das saying thank you for his work; they would want to grant him a $5000 discretionary incentive. It went on to say that this is a one-time exemption to our standard processes as a way of saying thank you for the high-quality submission and follow-up information you supplied.
According to Das, the issue he discovered is incompatible with using Android Foreground Services, and his hack might circumvent the detection process by exploiting this vulnerability. This vulnerability was able to access the phone's hardware in the background, such as the camera, microphone, and location, without telling the user or providing any notifications. Das was in continual contact with Google after reporting the vulnerability, and it was through his assistance, Google was able to address the flaw. Das also declined to reveal technical information about the issue, citing Google's confidentially.
Also Read | Google employees may lose pay, get fired for not complying with vaccination rules: Report
However, Google has not yet released any details regarding this repair. So, if you're wondering if this vulnerability affected your phone, Google hasn't explained. Das describes himself as a cyber geek, and one of his last projects was finding a problem on the official website of Gauhati University. Tech corporations such as Google, Apple, and Facebook offer Bug bounties to researchers, engineers, and cyber specialists for uncovering flaws, so if you know, you might potentially receive a prize.