If you are using an Android smartphone in business, you may want to think again.
BitSight just reported that certain Android smartphones are vulnerable to hacking, as the Over-the-Air update mechanism is insecure. This potential for hacking is reported in lower priced Android devices, particular from Best Buy and BLU Studio G.
This finding means that almost 3 million people throughout the world using Android smartphones are at risk for being attacked by a hacker accessing their phone remotely. This is possible because they have discovered a pre-installed backdoor that contains root privileges. This allows the hacker to gain complete control of the phone.
The OTA mechanism that is prone to hacking is found in phones made by Ragentek Group out of China, and the hidden binary contained within provides information to the hacker regarding the user and sets up the potential for the hacker to use the device as a privileged user.
This flaw in the Android devices has been hidden well, using a number of techniques to ensure that the binary wasn’t uncovered.
A person who wants to hack your Android smartphone can gather all of your personal information off of the device, erase your device remotely, and then use the information gathered to access your business database in order to steal further information.
With close to 3 million devices that have been discovered that contain this dangerous rootkit, the outcome could mean a disaster for many Android users. This has been a recurring problem for Android smartphones, as this is the second time this week that investigators have uncovered pre-installed backdoors on Android devices. These devices are sending huge amounts of data to servers in China, and the set up allows your system to be run remotely.
Absolutely amazing. Matthew came to the office and worked with the laptop I had tried to fix myself. He listened carefully to what I reported, then worked with it for over an hour. He asked if he could take it back to his office to work with it. I agreed on the basis of a two-hour billable cap. He took it back to his shop, I’m sure spent way more than two hours fixing it, and returned to me a laptop I scarcely recognized–faster, working wireless, updated Cisco VPN software–perfection. In the course of his magic, he was always available to discuss the configuration, asked all the right questions and gave the right answers. He met the deadline I imposed. The service was so impressive that I asked about future availability to deal with a small business network if help was needed. There’s a team of folks ready to help.”