HackRead

Android Flaw Lets Attackers Capture Screen and Record Audio

November 20th, 2017, by Waqas. Categories: Security, Android, Privacy, Technology News

If your Android smartphone runs Lollipop, Nougat or Marshmallow, there is every reason to feel alarmed: a critical flaw allows the MediaProjection service to be exploited. The service is designed to capture the user’s screen and record system audio. Since the majority of Android devices nowadays run one of these three versions of the OS, around 77.5% of Android devices are at risk.

Android’s MediaProjection service has existed for a long time, but apps needed root access and had to be signed with the device’s release keys in order to use it. This is why use of the service was limited to system-level apps only.

But when Android Lollipop 5.0 was released, Google opened this service to everyone without securing it behind a permission that users must grant. Apps can now access the service through an intent call, which displays a SystemUI prompt warning the user that the app is about to capture the screen and record system audio, noted BleepingComputer.

Researchers at MWR Labs say [PDF] that an attacker can detect when this prompt is about to be shown and then trigger an arbitrary prompt, so that the content is disguised with another message, using a technique called tap-jacking. Android malware developers have relied on this technique for years, and it still works.

“To use the MediaProjection service, an application would simply have to request access to this system Service via an Intent. Access to this system Service is granted by displaying a SystemUI pop-up that warns the user that the requesting application would like to capture the user’s screen,” explained MWR researchers.

[Image: SystemUI pop-up]

What makes this vulnerability threatening is that the affected Android versions cannot identify obscured SystemUI pop-ups. This allows an attacker to create an app that draws an overlay on top of the pop-up and elevates the privileges of the app, which would let the attacker capture the user’s screen.


Since the SystemUI pop-up is currently the only access control that can prevent exploitation of the MediaProjection service, an attacker can use tap-jacking to bypass it and obtain permission to capture the screen.

The attack won’t stay undetected for long, claim researchers at MWR in their latest report, since the captured screenshot will produce an icon that is displayed in the notification bar. The same would be the case when an attacker records the audio.
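An app can make its own confirmation controls refuse taps while another window covers them, which is the detection the article says the affected SystemUI pop-ups lack. The following is an added example, not code from the article, MWR's report or Android's SystemUI: `ConsentButton` is a hypothetical class name, and it relies on the standard Android `onFilterTouchEventForSecurity` hook and the `MotionEvent` obscured-window flags.

```java
import android.content.Context;
import android.os.Build;
import android.util.AttributeSet;
import android.view.MotionEvent;
import android.widget.Button;

/**
 * Hypothetical confirmation button that discards any touch delivered while
 * another visible window is drawn above the window that contains it.
 */
public class ConsentButton extends Button {

    public ConsentButton(Context context) {
        super(context);
        init();
    }

    public ConsentButton(Context context, AttributeSet attrs) {
        super(context, attrs);
        init();
    }

    private void init() {
        // Framework-level filter: drops touches flagged FLAG_WINDOW_IS_OBSCURED.
        setFilterTouchesWhenObscured(true);
    }

    @Override
    public boolean onFilterTouchEventForSecurity(MotionEvent event) {
        int mask = MotionEvent.FLAG_WINDOW_IS_OBSCURED;
        // API 29+ also reports overlays that cover the window anywhere,
        // not only at the touched location.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
            mask |= MotionEvent.FLAG_WINDOW_IS_PARTIALLY_OBSCURED;
        }
        if ((event.getFlags() & mask) != 0) {
            // Returning false makes View.dispatchTouchEvent() drop the event,
            // so neither click listeners nor onTouchEvent() ever see it.
            return false;
        }
        return super.onFilterTouchEventForSecurity(event);
    }
}
```

Rejecting partially obscured touches is stricter than the framework default and can also block taps while a legitimate overlay (such as a screen filter app) is active, so it is best reserved for security-sensitive confirmations.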

Google claims that the bug has been patched in its latest release Android Oreo 8.0, but the previous versions are still vulnerable.
