The latest Android vulnerability can be hacked into any mobile phone in simple steps
At a PacSec hacking conference in Tokyo, researchers from Qihoo 360 demonstrated the use of a vulnerability in the Android Chrome browser targeting JavaScript v8. As long as a user browses a malicious website, hackers do not need to use multiple vulnerabilities as in a typical example. Instead, they can only use this single vulnerability to attack any Android phone, obtain access permissions and download software.
PacSec organizer Dragos Ruiu told Vulture South that one of the most eye-catching vulnerabilities detected by broad AI is the "one-blow fatal" feature, most attacks require multiple vulnerabilities to gain system access and download software. In this demonstration, the victim mobile phone only loads a webpage with the JavaScript v8 vulnerability in the Chrome browser, and the vulnerability can automatically download the game without any user's operation, this means that hackers have obtained full control. The related vulnerabilities have been reported to Google. I hope they will face up to the problem and fix the vulnerabilities in a short time as the system's biggest support!
Source: 360 secure broadcast queue , The Register
This article permanently updates the link address: