Home > Internet > Online Trends

Android suffers phone call vulnerability

Source: Internet
Author: User
Keywords Pay phone high-risk vulnerability Jinshan mobile phone drug tyrants
Tags android android malware android phone android program applications apply apply for calls
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

CM Security found a high-risk vulnerability in Android: Android exploits the vulnerability without having to make phone calls, making any phone calls, including dialing special numbers to execute system commands such as emptying mobile data. CM Security has been updated urgently to prevent Android malware from exploiting the phone permissions vulnerability.

"If a normal Android program needs to make a call, you have to apply for system privileges before installation and users can use the Jinshan Mobile Virus to manage whether applications on the phone can use system privileges." CM Security security experts explained, "Now, due to a Phone Permission Vulnerability Malicious programs can bypass system constraints for malicious purposes. "

Figure 1 Jinshan mobile drug tyrants management Android application system permissions

CM Security Lab Check found that Android Phone Permissions Vulnerability affects most users of Android 4.1, 4.2 and 4.4.2, accounting for 59% of the global Android mobile phone. The actual verification found that the following mainstream Android phones have phone permissions loopholes.

Device version

Galaxy Note 14.4.2

Galaxy Note 24.1.1

Nexus 44.4.2

Nexus 54.4

SAMSUNG GT-I826D4.1.2

SONY c21054.1.2

Harm of Phone Permission Vulnerability

Attackers use Android phone vulnerabilities to bypass the system rights management, you can directly dial the information desk, international calls and other long-distance calls, causing economic losses to users. Malicious programs are also free to interrupt the normal program to make phone calls, causing interference with the use of mobile phones. The most serious is that malicious programs can dial a special number through the phone dial-up to start the phone's built-in management functions, such as instantly restore the phone to the factory state, clear all the phone data.

CM Security Labs has urgently upgraded Clean Master and CM Security to intercept Android malware exploited by phone-privileged vulnerabilities. Users are advised to try to download applications through the relatively reliable Android software market, and do not easily download through informal channels such as chatting tools and forums.

Figure 2 Jinshan mobile phone virus tyrants to intercept phone use permissions Android vulnerability

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
android wear phone call android make phone call phone call management android android development phone call android vulnerability 2015 how to change voice on phone call android how to use gmail call phone on android
Related Article
Getting Started with CDN
Front-end Must Learn: CDN Acceleration Principle
Elements of CDN Network
8 New Types of Attacks Facing the Cloud Environment

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Hot Article
Hot Tags
computing conference access forum computer class data get http html applications
Popular Keywords
html add blank space register business logo register ssl certificate full site sign in sign up node js build cloud register register a subdomain in python network management system tutorial how to learn computer science by myself

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More