HackRead

Android Flaw Lets Attackers Capture Screen and Record Audio

November 20th, 2017 | By Waqas | Security, Android, Privacy, Technology News

If your Android smartphone runs Lollipop, Marshmallow or Nougat, there is every reason to feel alarmed: a critical flaw allows the MediaProjection service to be exploited. The service is designed to capture the user’s screen and record system audio. Since the majority of Android devices run one of these three versions of the OS, around 77.5% of Android devices are at risk.

Android’s MediaProjection service has existed for a long time, but apps needed root access and had to be signed with the device’s release keys in order to use it. This is why use of the service was limited to system-level apps only.

But when Android Lollipop 5.0 was released, Google opened this service to everyone without securing it behind a permission that users must grant. Apps can now access the service through an intent call, which displays a SystemUI prompt warning the user that the app is about to capture the screen and record system audio, noted BleepingComputer.

Researchers at MWR Labs say [PDF] that an attacker can detect when this prompt is about to be shown and then trigger an arbitrary prompt on top of it, disguising its content with another message, using a technique called tap-jacking. Android malware developers have relied on this technique for years, and it still works.

“To use the MediaProjection service, an application would simply have to request access to this system Service via an Intent. Access to this system Service is granted by displaying a SystemUI pop-up that warns the user that the requesting application would like to capture the user’s screen,” explained MWR researchers.

[Image: SystemUI pop-up]

This vulnerability is threatening because the affected Android versions cannot tell when the SystemUI pop-up is obscured. An attacker can therefore create an app that draws an overlay on top of the pop-up and elevates the app’s privileges, which would let the attacker capture the user’s screen.

Since the SystemUI pop-up is currently the only access control that prevents exploitation of the MediaProjection service, an attacker can use tap-jacking to bypass it and obtain permission to capture the screen.

The attack won’t stay undetected for long, claim researchers at MWR in their latest report, since capturing the screen produces an icon that is displayed in the notification bar. The same would be the case when an attacker records audio.

Google claims that the bug has been patched in its latest release, Android Oreo 8.0, but the previous versions are still vulnerable.
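
For app developers whose users remain on the affected versions, the following added example (not from the article or the MWR report) shows two standard Android SDK defences relevant to this flaw: `FLAG_SECURE`, which keeps a sensitive window out of screen captures, and an obscured-touch check, which is the kind of test the article says the SystemUI pop-up lacked. The class names `ConfirmActivity` and `ObscureAwareButton` are hypothetical.

```java
import android.app.Activity;
import android.content.Context;
import android.os.Bundle;
import android.util.Log;
import android.view.MotionEvent;
import android.view.WindowManager;
import android.widget.Button;

// Hypothetical activity showing a sensitive confirmation screen.
public class ConfirmActivity extends Activity {

    // Button that refuses taps delivered while another app's window
    // covers it at the touch location (the tap-jacking condition).
    static class ObscureAwareButton extends Button {
        ObscureAwareButton(Context context) {
            super(context);
        }

        @Override
        public boolean onFilterTouchEventForSecurity(MotionEvent event) {
            if ((event.getFlags() & MotionEvent.FLAG_WINDOW_IS_OBSCURED) != 0) {
                Log.w("ConfirmActivity", "Dropped tap: window obscured by an overlay");
                return false; // false = discard the event before any listener sees it
            }
            return super.onFilterTouchEventForSecurity(event);
        }
    }

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        // Keep this window out of screenshots and screen recordings,
        // so a granted screen capture shows no content for it.
        getWindow().setFlags(WindowManager.LayoutParams.FLAG_SECURE,
                WindowManager.LayoutParams.FLAG_SECURE);

        ObscureAwareButton confirm = new ObscureAwareButton(this);
        confirm.setText("Confirm");
        confirm.setOnClickListener(v -> Log.i("ConfirmActivity", "Confirmed by user"));
        setContentView(confirm);
    }
}
```

`FLAG_WINDOW_IS_OBSCURED` is only set when the overlay covers the view at the point of the tap; for views declared in XML, `android:filterTouchesWhenObscured="true"` applies the same framework filter without a subclass.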
