It is not only iPhone users that can be at a risk of major smartphone risk. There is now a warning out there issued to Android users that up to 1.25 billion people who make use of Android phones should beware. What is it all about?
The story began on August 7, 2019 when researchers from an Israeli tech company published information on how WhatsApp could be manipulated to distort a message by manipulating the text and changing the identity of the person who sent the message. The company said that if not checked, the threat is real and can affect billions of Android users.
For one thing, the development allows for a user’s data to be exposed through a simple text message. This is really simple and also a stupid way to acquire users’ information. The extent to which this could harm Android users is still not very well comprehended. If all your email could be exposed just because you sent or received a single text message on your smartphone, then this is really a bad threat.
To make things worse, the threat department of that company detected that the most vulnerable users are those who buy Samsung phones. Secondly, people who made use of Huawei, LG, and Sony smartphones are also at risk. As you know, more than 50 percent of smartphone users make use of these phones and the companies are well known for manufacturing world-class flagship phones. Almost half of world’s smartphone users are at risk of this threat.
For now, a survey conducted in the month of July 2019 says that there are about three billion smartphone users in the world. Of these, it is found that Android market share is about 76 percent and the research goes further to suggest that at least as many as 1.25 billion of the three billion may be affected.
How does it really work? You may ask.
These attack type is the ones that come to you urging you to update this and that app on your smartphone. When you first join a mobile network provider, you receive messages from them. The threat could come from these Over-The-Air (OTA) messages. Enterprises could make use of the same technology when carrying out the attacks. Sometimes also, it may be necessary to configure your corporate email to work with your company servers. During that period, this attack could also break in. what the attacker needs to do is simply pose as a trustworthy network operator and the user at the other will fall for it. Once the user accepts these malicious network settings, the deed is done. Just one SMS message, one click and the user may have all his internet traffic rerouted through a proxy server owned by the attacker and who would in turn be able to read all the mails of the phone user. All the attacker needs may just be a smartphone acting in modem mode or a cheap USN dongle, which will enable the sending of binary SMS messages.
Of course, the threat is not new. However, the potential mass scale or the number of people it could reach in the same instant is what really concerns threat experts. Secondly, it is easy for most people to avoid falling email-based threats than for SMS message threats. Most of us don’t even believe that such a threat exists.
