DENVER (KDVR) – The Denver District Attorney is warning Android users of the threat after a security issue was discovered leaving the device’s microphone and camera vulnerable to hackers.
Technology experts explain that this is not a new threat, but it is an almost preventable threat.
Hackers could be accessing your phone to listen to you, spy on you, or even view your photos. Experts told FOX31 there are two types of attacks: Some require you to click a link or open an email, but some so-called “zero-click vulnerabilities” can happen without you even knowing it.
“The question is do you care if the data is on your phone for example, do you care if someone is listening to your conversations? Do you care if someone is watching you, you know, when you’re in your bedroom, getting dressed or doing something else? Do you know? So if you care about that, then patching that becomes important,” said Mitch Tanenbaum, director of information security at CyberCecurity.
A patch is a software update that usually fixes a bug or security hole. The vulnerabilities allow hackers to perform so-called “remote code execution attacks”.
“That gives them the ability to hit past photo videos. It really allows them to control the phone and take new pictures. It actually allows them to record video, remove the GPS tag of the photo. It is very invasive! ‘ said James Turgal, of Optiv.
Optiv said the situation only got worse from there, but they could access personal, financial and business information.
“So the real threat is actually much more nefarious, yes. This is not just a threat to individual privacy,” said Turgal. “Everything we do, whether it’s your house, it’s wired, or the devices you carry around – everyone uses online banking, that’s right – so your entire life and sometimes your livelihood is connected to the internet.”
Which Android phone?
Basically, the older the phone, the bigger the risk, says Mitch from CyberCecurity.
“Every few years, you really need to replace your Android phone if you’re an Android phone user, not because the phone doesn’t make calls anymore, but because it’s no longer patched,” says Tanenbaum.
He says make sure the updates are automatic and that your phone is still supported.
And not just phones: Anything with a camera can be targeted.
“All the mainstream vendors are very good at releasing patches. That’s when you go with a cheap brand-name item, when you go to your local discount store, and you say, ‘Oh, this camera is $10 cheaper than the brand-name camera.’ So, how do you think they save that money? ‘ said Tanenbaum.
Security features claimed by Mitch are often compromised first.
Turgal at Optiv reminds everyone to have good “cyber hygiene”:
- Have a strong password
- Regularly turn your device on and off
- Restart your Wi-Fi network
Google, which owns Android, did not immediately respond to a request for comment.
