Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Android Google

Active Drive-By Exploits Critical Android Bugs, Care Of Hacking Team (arstechnica.com) 45

Dan Goodin, reporting for Ars Technica: An ongoing drive-by attack is forcing ransomware onto Android smartphones by exploiting critical vulnerabilities in older versions of Google's mobile operating system still in use by millions of people, according to research scheduled to be published Monday. The attack combines exploits for at least two critical vulnerabilities contained in Android versions 4.0 through 4.3, including an exploit known as Towelroot, which gives attackers unfettered "root" access to vulnerable phones. The exploit code appears to borrow heavily from, if not copy outright, some of these Android attack scripts, which leaked to the world following the embarrassing breach of Italy-based Hacking Team in July. Additional data indicates devices running Android 4.4 may also be infected, possibly by exploiting a different set of vulnerabilities.Blue Coat, a California-based provider of security and networking solutions writes: This is the first time, to my knowledge; an exploit kit has been able to successfully install malicious apps on a mobile device without any user interaction on the part of the victim. During the attack, the device did not display the normal "application permissions" dialog box that typically precedes installation of an Android application. After consulting with analyst Joshua Drake of Zimperium, he was able to confirm that the Javascript used to initiate the attack contains an exploit against libxslt that was leaked during the Hacking Team breach. Drake also confirmed that the payload of that exploit, a Linux ELF executable named module.so, contains the code for the "futex" or "Towelroot" exploit that was first disclosed at the end of 2014.
This discussion has been archived. No new comments can be posted.

Active Drive-By Exploits Critical Android Bugs, Care Of Hacking Team

Comments Filter:
  • Here is more proof (Score:3, Insightful)

    by Anonymous Coward on Monday April 25, 2016 @11:35AM (#51983445)

    That when a backdoor is held by the "good guys" (I use that term loosely but Hacking Team sold primarily to governments) it's just a matter of time before the bad guys get ahold of it and start fucking everyone over. Pay attention, Mrs. Feinstein.

    • by Hentes ( 2461350 ) on Monday April 25, 2016 @11:56AM (#51983577)

      Towelroot has never been a secret or a backdoor. It is an exploit discovered and published by geohot, these guys just copied it. As any exploit, it can be used both for good and bad. In my case it helped me put Cyanogenmod on my phone instead of the outdated Android on it, making it more secure.

      • Moreover, I used Towelroot to root an Android 4.4.4 phone, even though TFS talks about 4.3 and before. Or had the internals of the Towelroot app been changed a lot between 4.3 and 4.4? I do remember that the phone (or Google) warned me that the APK for Towelroot was possibly malicious; I had to confirm installation one more time.

  • by Anonymous Coward on Monday April 25, 2016 @11:37AM (#51983457)
    And thanks to the common practice (looking at you, Verizon) amongst carriers of locking bootloaders and then refusing to supply updates, short of throwing the phone away and "upgrading" to another one, there's literally no way for the customer to update the typical Android phone's OS in a timely fashion.

    Which suits the carriers - who make money off bundling shitware and selling "upgrades" to new phones - just fine, but what the fuck, Google. It's been half a decade. It's long past time for you to tell the carriers to permit users to download their own security patches.

    Imagine if users couldn't get Windows updates from Microsoft, but relied on their own ISP - and whether it's Comcast or AT&T doesn't really matter.

    Fuck. That. Noise. Get the carriers out of the OS business.

    • Google is developing an extremely bad reputation. Tracking everyone. Allowing abuse.

      Soon even Microsoft will be jealous.
    • There is an easy fix for this. Suing the carrier into oblivion for not unlocking devices they no longer support, so that the owners of those devices can get support from other sources (like CyanogenMod) .

      The ONLY thing these people understand is economic costs, make it expensive to not support devices, but keep them under lock and key.

    • by Anonymous Coward

      Google dictates a lot of terms to manufacturers through the licensing of Google Mobile Services (GMS). It's a big part of what's getting them in trouble with EU antitrust regulators. If Google can use GMS licensing for anticompetitive practices, they're certainly capable of doing so to demand security updates are delivered in a timely manner. That Google isn't using GMS licensing for this purpose leads me to seriously question Google's motives.

    • by Teun ( 17872 )
      I have little to no sympathy for people who's phone is encumbered by a carriers greed or unwillingness to update, it's generally easy enough to get an unlocked phone, hell, it's even cheaper.
      If you want the best service you get a Nexus.

      I do have a problem with Google stopping OS updates 2 years after the last of a model has been sold.
      Both My Nexus 4 and 7 are working fine but the OS doesn't update beyond 5.1.1, as such not a problem but at least the security updates should be available.
      Now I have to g
      • it's generally easy enough to get an unlocked phone,

        I just went through this process. I wanted a completely carrier-unencumbered phone. That means no carrier apps, no carrier limitations.

        The only phone I could find like that were "international versions", and unfortunately while being completely carrier agnostic, they weren't really. Neither of the two I went through -- one was a demo unit with manufacturer data collection still installed, the other "international"-- had the specific 4G LTE bands T-Mobile uses.

        So yes, you can get the phone. Whether it is

        • by Teun ( 17872 )
          That's another great advantage of owning your phone, you are free to root it.
          I don't have experience with LTE but the US is a large market so I would think there must be many phones with the capability.
          Your statement so few phones are 4G LTE capable is very surprising to me.
          • Your statement so few phones are 4G LTE capable is very surprising to me.

            Surprising to me, too, since I didn't say that. I said out of the two "unlocked" phones I tried, neither did the right bands for T-Mobile LTE.

    • Fuck. That. Noise. Get the carriers out of the OS business.

      Apple did. Why can't Google?

      Oh, wait! They don't WANT to.

    • Fuck. That. Noise. Get the carriers [to do this, that, or some other things consumers would benefit from]

      I don't see how trying to "get" these asshats to do anything is going to improve the situation. The only thing I can see helping is to allow small carriers access to mobile spectrum in a way that encourages competition. When that happens, I can just choose a carrier that isn't in the OS business. Until then, even if they did that, they'd find a way to screw it up so I couldn't enjoy it.

  • by Anonymous Coward

    Why aren't there more lawsuits against manufacturers and carriers for not providing updates? When I buy a phone, I should be able to expect security updates for at least 24 months, preferably 36 months. Manufacturers aren't interested in supporting older phones because they make money when people update. Carriers seem primarily concerned with loading up the updated versions with crapware that people don't want, can't easily remove, and may well contain vulnerabilities of its own. Why aren't there more lawsu

    • Why aren't there more lawsuits against manufacturers and carriers for not providing updates?

      Because when you signed up for service you waived your right to sue.

    • by Anonymous Coward

      Only 36 months of security updates? You're easy to please, I'd expect at least 60.

      • by Teun ( 17872 )

        Only 36 months of security updates? You're easy to please, I'd expect at least 60.

        Amen!

      • Only 36 months of security updates? You're easy to please, I'd expect at least 60.

        And I want a pony!

    • Manufacturers aren't interested in supporting older phones because they make money when people update

      Apple does. Even though their business model is based on HARDWARE sales.

      Think about that.

  • TowelRoot? That only worked on a handful of devices reliably. And yes, when I used it I got zero sleep for the rest of the week. A single click root? Not good folks, and clearly someone has taken on the task of using that for nefarious purposes. Notice, though, how everyone is blaming hackingteam for this stuff, and not the NSA who likely knew about this long before them.
    • by Rakarra ( 112805 )

      TowelRoot? That only worked on a handful of devices reliably. And yes, when I used it I got zero sleep for the rest of the week. A single click root? Not good folks, and clearly someone has taken on the task of using that for nefarious purposes.

      Notice, though, how everyone is blaming hackingteam for this stuff, and not the NSA who likely knew about this long before them.

      Yup. I used TowelRoot as well and decided at that point to never use my phone for anything truly useful. IE, to just assume my phone was compromised.
      Why? Because I needed root access, and TowelRoot was the name of the game when it came to the Galaxy S3 and S5 that I had. So now that S5 is running an old old version of Android with an exploit, because Google hired guys who found these exploits. Later versions of Android have been hardened, and it's currently a bit difficult to do on current versions. I'm not

  • Android versions 4.0 through 4.3

    Thank God my HTC EVO 4G with Android 2.3 is safe

    • by Teun ( 17872 )
      Yes, insufficient resources is a valid way of preventing a process from running :)

No spitting on the Bus! Thank you, The Mgt.

Working...