This hack with Chrome for Android makes every phone vulnerable

Chinese researcher Guang Gong demonstrated a hack on the Android version of Chrome, during a PacSec conference  recently held in Tokyo. This hack targets only the JavaScript engine of the browser. With this, it can contaminate the whole device.

google-chrome

As showcased during the conference, when a user visits a malicious website with the malware. An app can be installed on your phone even without your knowledge. One can almost imagine how far this can be exploited.

“As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone.”

The Chinese researcher who discovered this was rewarded with a flight to the Vancouver CanSecWest security conference in March 2016, and also a ski trip. Thankfully this vulnerability can be patched with a single update to Google Chrome unlike Stagefright that required a full system update.

As always, we should be mindful if the sites we visit, especially those offering paid products for free.

Source

Facebook Comments
Loading...

2 Comments

  1. Femiblaze November 16, 2015
  2. Ehis November 16, 2015

Add Comment

error: