Android Hole Allows Data Capture

Wednesday, January 22, 2014 @ 04:01 PM gHale

When it comes to Android, there is a way to bypass active VPN configurations and intercept secure communications, researchers said.

In order to exploit this vulnerability, an attacker doesn’t require root permissions to capture data transmissions. The worst part of it is there’s nothing that would make victims realize that they’re being attacked, said researchers at Ben Gurion University (BGU) in Israel.

Android Malware Acts as Security Update
Android Platform Coming for Autos
Android Malware on Rise
Securing Automobile Software Updates

“[The] communications are captured in Clear Text (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure,” BGU’s Dudu Mimran said.

The experts tested the vulnerability on several Android devices from various vendors. A video proof of concept (PoC) they made uses a Samsung Galaxy S4.

SSL/TLS traffic can also end up intercepted using this attack method, but the content stays encrypted. The experiments were on a properly configured VPN, using Wi-Fi connections, and a computer connected on the same network as the targeted mobile device.

The vulnerability went out to Google.

A few weeks ago, BGU mobile security researchers found a vulnerability impacting the Samsung Knox platform. At the time, Samsung issued an official response saying the attack exploited legitimate Android network functions in an unintended way for a classic man-in-the-middle attack.

The company noted the researchers didn’t actually identify a vulnerability in Android or Knox.

Now, BGU researchers said the attack having an impact on VPN users is different from the one targeting the Samsung Knox platform. Additional technical details on the vulnerability will be available by the researchers at a later time.

Click here for the video POC.

Leave a Reply

You must be logged in to post a comment.