Security Flaw Allows Apps to Make Phonecalls


The Bad News: There’s a newly found security flaw that allows malware to take control of your phone and make phone calls without your permission.

The Good News: If you’re reading this here, I’ll assume you’re a BlackBerry user, in which case, you don’t need to worry about this.

Who does have to worry about this vicious security flaw? I’ll give you two guesses. No, not the forbidden fruit this time, it is Android of course! So let’s stop feigning surprise for the sake of our Androidian friends, and let’s just see what this flaw actually does.

By exploiting this vulnerability, malicious apps can make phone calls to premium-rated numbers and terminate any outgoing calls.  It is also capable of sending Unstructured Supplementary Service Data (USSD) codes that can be used for enabling call forwarding, blocking your sim cards and so on.

I bet those malware generating androidphiles are very exited about this! Imagine, no need to steal bank account numbers. You can get in a lot of trouble for that you know? This way, they can almost look like a  legitimate business! All they’d need to do is set themselves up with a 900 number, and then have your phone call it. And they wouldn’t even need to hire an imaginative staff to answer phones!

Ready for some more Good News/Bad News?

The Bad News: This flaw has been there since Android 4.1.1 and has survived through all versions up to 4.4.2

The Good News: The flaw has been fixed in Android 4.4.4

Even More Bad News: People aren’t updating to 4.4.4, in fact, I believe the last numbers I saw was around 13% of the user base has moved on to the newest update, meaning the vast majority of Android users are still completely vulnerable to this.

The Best News: You don’t have to worry about it. Because you’re a BlackBerry user. Right???

Source: E Hacking News


