Warning: 80% Android smartphones under security threat

A recently discovered Linux exploit is putting the security of up to 80% Android smartphones at stake, says a blog report by Lookout, a mobile security firm. It says that this exploit is capable of allowing attackers to intercept unencrypted web traffic and spy on users.

According to the security researchers, Linux is using its vulnerability in the Transmission Control Protocol (TCP) which helps attackers to remotely spy on android users with the help of their IP addresses.“We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9% of the Android ecosystem,”the blog report said.  

The report further states that the vulnerability is of medium severity and enterprises running mobility programmes are particularly at risk.These enterprises are advised to check if any of their communications services are unencrypted as unencrypted data can allow the attackers to access and manipulate sensitive information including corporate emails, files and documents.

In order to patch this vulnerability Android devices need to have their Linux kernel updated.  Fortunately, there are a few remedies a user can do until the patch is released:

• Encrypt your communications to prevent them from being spied on. This means ensuring the websites you browse to and the apps you use are employing HTTPS with TLS. You can also use a VPN if you want to add an extra step of precaution.

• If you have a rooted Android device you can make this attack harder by using the sysctl tool and changing the value for net.ipv4.tcp_challenge_ack_limit to something very large, e.g. net.ipv4.tcp_challenge_ack_limit = 999999999

• We are not aware of PoCs exploiting this new vulnerability and anticipate Google will patch in the next Android monthly patch. In the meantime, we will continue to monitor for exploits.

• Android smartphones
• hackers