Android users receive a lot of messages in their inbox, and most of us ignore them because they come from promoters or companies offering various schemes.
But Android users should be cautious about the text messages that land in their inbox: a major security vulnerability in the Android operating system has left a billion phones vulnerable to being hacked by a plain and simple text message.
Check Point Research, the threat intelligence arm of Check Point Software Technologies Ltd., has revealed that there is ‘a security flaw in Samsung, Huawei, LG, Sony and other Android-based phones that leave users vulnerable to advanced hacking attacks’.
The security firm says the hack abuses the over-the-air (OTA) method that mobile network operators use to update new devices joining their networks, in which settings are delivered in what is known as an OMA CP message. This method involves only limited authentication.
Hackers working remotely can use this route to send a deceptive OMA CP message to an Android phone. The message can lead the user into accepting malicious settings that route the phone’s incoming and outgoing Internet traffic through a proxy server owned by the hacker. The user would not even realize what is happening, and the hacker can access the data on the phone.
“Researchers determined that certain Samsung phones are the most vulnerable to this form of phishing attack because they do not have an authenticity check for senders of OMA CP messages. The user only needs to accept the CP and the malicious software will be installed without the sender needing to prove their identity,” says Check Point Research.
The researchers also claim that some companies, such as Huawei, LG, and Sony, do use a form of authentication, but the hacker only needs the user's International Mobile Subscriber Identity (IMSI) to confirm their identity. The IMSI is easily accessible to an attacker, who can create a rogue Android app that reads a phone’s IMSI once installed. Alternatively, the attacker can bypass the need for an IMSI by sending the user a text message posing as the network operator and asking them to accept a PIN-protected OMA CP message. If the user then enters the provided PIN and accepts the OMA CP message, the CP can be installed without an IMSI.
Researchers also stated that companies like Samsung, Huawei, and LG are doing their best to fix this phishing flaw in their security maintenance. Until then, users have to keep an eye out for these malicious messages and hacking techniques.