• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 24th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News
Android

After Linux, TCP Exploit Expandable to 80% of Android Devices

August 17th, 2016 Owais Sultan Security, Android 0 comments
After Linux, TCP Exploit Expandable to 80% of Android Devices
Share on FacebookShare on Twitter
A couple of days ago researchers exposed a Linux flaw allowing hackers to hijack Internet traffic — Now it’s been discovered that the flaw also affects 80% of Android devices!

The university of California, Riverside researchers along with the US Army Research Lab has recently announced the presence of a TCP vulnerability in Linux based devices.

This is old news, yeah we know it, but this isn’t the news that we are going to share with you. What we need to tell you is that this vulnerability can be used to target Android systems as well. What is particularly alarming is the fact that this flaw makes over 1.4 billion Android devices vulnerable to exploitation.

Must Read: Critical Security Flaws in Android Devices Affecting Millions of Users

According to Lookout, a grave exploit that is found in the TCP of Linux systems is equally effective on roughly 80% of all Android devices. Attackers can easily get unencrypted data traffic and also spy upon victims by degrading encrypted traffic.

Android users have every reason to feel concerned because it is also possible that attackers launch a man-in-the-middle attack apart from spying on them. This would lead to compromising of their entire network because attackers would look for intercepting the traffic.

What actually happens is that attacker can spy on people remotely and users who utilize unencrypted traffic or have disabled encrypted connections would be the likely targets. When the attacker gets information about a source and destination IP address, it will become possible to launch a man-in-the-middle attack. It has also been revealed that those android systems that run the Linux Kernel 3.6, which is like Android 4.4 KitKat, are most vulnerable currently. Needless to mention, this system accounts for around 79.9% of the entire Android fraternity.

Analysts have assigned medium severity to this new threat by labeling it as CVE-2016-5696. We have already seen the patch for Linux Kernel but the preview of Android Nougat doesn’t hint upon incorporation of a patched kernel. This means, those running an enterprise mobility program would make quite a few numbers of Android devices vulnerable to spying feats from attackers.

To patch this flaw, it is important to update the Linux kernel used for Android. Until the patch is released for Android, what you can do to help yourself is to use encrypted communication platforms. Ensure that the websites and platforms that you browse are using HTTPS with TLS. If possible, use a VPN to be on the safe side.

[fullsquaread][/fullsquaread]

Must Read: Beware; Adwind RAT infecting Windows, OS X, Linux, Android Devices

Solution as per Lookout researchers: 

Encrypt your communications to prevent them from being spied on. This means ensuring the websites you browse to and the apps you use are employing HTTPS with TLS. You can also use a VPN if you want to add an extra step of precaution.
If you have a rooted Android device you can make this attack harder by using the sysctl tool and changing the value for net.ipv4.tcp_challenge_ack_limit to something very large, e.g. net.ipv4.tcp_challenge_ack_limit = 999999999
  • Tags
  • Android
  • Flaw
  • internet
  • Linux
  • Privacy
  • security
  • VPN
Facebook Twitter LinkedIn Pinterest
Previous article New Point-of-Sale Malware Campaign hits 20 Hotels in US
Next article Pakistani Hacker Gets $5000 for Reporting Flaws in Chrome and FireFox
Owais Sultan

Owais Sultan

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

Related Posts
SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
SonicWall hacked after 0-day flaws exploited by hackers
Hacking News

SonicWall hacked after 0-day flaws exploited by hackers

56
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

112
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

541

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us