While Google continues to strengthen Android’s security regularly with monthly updates, it needs to make sure its partners catch up with it first. Findings from a research by Kryptowire, which was funded by the Department of Homeland Security in the US, were presented in the Black Hat USA security conference.
According to the report by the mobile security firm, several Android phones from notable companies are found to be vulnerable to attacks, which result from deficiencies in the UI from these companies added on top of Android.
The vulnerabilities range from fairly benign – such as crashing a phone – to much more harmful ones including providing root access to your phone, which can result in the user completely losing control over their phones.
Popular Phones at Risk
Many renown Android OEMs are guilty of supplying shoddy firmware to their phones, including LG, ASUS, ZTE, and Essential. The devices which are said to ship with such flaws include popular models like the LG G6, ZenFone V Live, and the Essential Phone.
In the case of the G6, the hackers could get access to the logcat log to lock the user out of their device. On the Essential phone, data could be wiped remotely, while for the ZenFone, hackers could take complete control over the device including the user’s personal data.
Thankfully, all the OEMs are said to be working to bring fixes for their phones. But while the report only detailed 10 phones in the report, dozens of more Android phones could be riddled with similar deficiencies, and if the report is believed, including some pretty popular phones.