This hack with Chrome for Android makes every phone vulnerable

Posted by

Chinese researcher Guang Gong demonstrated a hack on the Android version of Chrome, during a PacSec conference  recently held in Tokyo. This hack targets only the JavaScript engine of the browser. With this, it can contaminate the whole device.


As showcased during the conference, when a user visits a malicious website with the malware. An app can be installed on your phone even without your knowledge. One can almost imagine how far this can be exploited.

“As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone.”

The Chinese researcher who discovered this was rewarded with a flight to the Vancouver CanSecWest security conference in March 2016, and also a ski trip. Thankfully this vulnerability can be patched with a single update to Google Chrome unlike Stagefright that required a full system update.

As always, we should be mindful if the sites we visit, especially those offering paid products for free.



We love to hear from you - your opinions, insights and experiences with smartphones and other gadgets. Be a part of Mobility Arena's active community by sharing a comment below if comments are enabled for this page.


  1. I still think phone security is overhyped. The average users care less about all these patches and loopholes.

    Only the techies get sleepless nights over this kinda thing

Have Your Say

Your email address will not be published. Required fields are marked *

Discussions are moderated for civility