Hackers have found a new way of hacking Android devices and gain remote control over them. This method works even if the gadget is installed, the latest version of the OS.
Chinese Guan Gong researcher has discovered a critical vulnerability in the latest version of Chrome for Android, which allows attackers to access with administrative privileges on the smartphone of the victim. Created by a hacker exploit works for all versions of the mobile platform Google.
The competition MobilePwn2Own at the PacSec conference in Tokyo 2015, the expert has demonstrated an example of attack on the basis of his exploit. The program exploits a vulnerability in the JavaScript engine V8, which is preinstalled on almost all Android smartphones. In order to hack a device, the attacker needs only to lure the victim to a web resource that contains malicious code.
While the unsuspecting user browses the website, the attacker can proekspluatirovat gap in Chrome, malware download and remotely gain control of the gadget.
The expert was informed about the vulnerability of the security team of Google, but did not publicly disclose all the details of the attack, writes Securitylab. To create exploit researcher spent three months.