Android OS is one of the widely used of the recent times. The great amount of application availability, easy to use interface and the fact that it is the largest platform for developers to host their applications has made it so popular all over the world.
In spite of all these positives, its popularity has also made it to be an area of increasing security risks. Reports that even hackers have turned on their attention to the Android platform were reported earlier.
The Google’s Android platform seems to be experiencing more attacks day by day. The new attack has pushed the devices to the edge of getting disabled or wiped clean of their data including contacts, music and photos, because of a security flaw that was discovered several months ago but went unnoticed until now.
Users owning such vulnerable devices may trigger the attack by visiting pages and clicking links or a mobile application embedded with the malicious code.
Another attack to wipe of user data may be by performing a factory reset of the device appears to target only the Samsung Galaxy and similar phones.
It was reported in the guardianthat, “The flaw is caused by a security hole in some versions of Android’s dialer software, which allows the “tel:” URL prefix to be used on a webpage to perform functions on the phone’s dialling software. Normally that is useful for functions such as initiating a call on the handset directly from a site. But the tel: prefix can also be used to pass a string of non-numeric data to the dialer.
Special strings of characters can perform other functions; for example typing #06# on the dialer will display a phone’s IMEI number.
The flaw exploits a string that activates a factory reset of some phones because they do not force a user interaction before carrying out the function encoded in the string. The code would have to be embedded as a link to cause the user to activate it – but it would be easy to represent it as an innocent link to Google or any site. Pressing the link would initiate the wipe.
Users of vulnerable handsets may be able to install a third-party dialer and make that the default as protection against the “remote wipe” attack. Experts also pointed out that not all Android handsets have the capability for a remote wipe built-in – although the number of models discovered with the vulnerability has grown since it became known on Tuesday.”
Though Google had information about this attack earlier and a quick fix was adopted by the company, it wasn’t publicized, leaving the users unaware of the problem and how they could fix it, according to Ravi Borgaonkar, a researcher in the Security in Communications department at Technical University Berlin.
He also said that the bug works by taking advantage of functions in phones that allow them to dial a telephone number directly from a web browser. That convenience comes with risk, however. A hacker, or anyone with ill intent, can create a website or an app with codes that instruct the phones linking to those numbers to execute commands automatically, such as a full factory reset. He also added that the SIM may get completely destroyed by the attack. However Samsung hasn’t responded to this issue yet.