Android’s open-source nature is a bit of a double-edged sword in many respects, for although it’s customizable to the nth degree, it’s also much more susceptible to malicious intrusion when compared with the likes of Apple’s iOS. On a regular basis, we hear of new, cunning schemes designed to attack smartphones and tablets running on Google’s flagship mobile OS, and today, we’ve encountered a particularly alarming security hole that could potentially help a hacker relieve you of vast mounds of cash.
The scoop on this new strain of malicious intrusion arrives courtesy of IDG News Service, which reports that the flaw in the Android software lets apps make calls without a user’s permission. From there, a premium-rate line can be reached, and the bill payer is subsequently left to pony up for the hundreds, maybe even thousands of dollars in charges.
The premium-rate number trick is nothing new in itself, and if you look back across Android’s lifespan, it’s one of the more frequent ploys capitalized on by unscrupulous individuals. But it’s alarming to note that
Security research outfit Curesec is credited with having discovered this particular security hole, and has apparently noted to Google of its findings. Those on Android 4.4.4 are lucky in that the bug has already been fixed on this particular software release, although it remains on Android 4.1.x, 4.2.x, 4.3.x, and all variants of Android 4.4 prior to the most recent.
Hopefully, Google will issue some kind of statement on the matter in the near future, as well as offering a plan of action on how this particular security issue will be rectified. After all, a large portion of its user base could be under threat to this kind of exploitation, and even though the premium-rate phone hack is a relic of the malware game, it’s also a very established tactic that, like all long-standing criminal activity, works.
Those on Nexus and Motorola devices that can update their firmware to Android 4.4.4 are encouraged to do so immediately. Not only will you reap the benefits of the security patch, but you will also be able to take advantage of the small tweaks that Google has made to its software in the most recent version.
Just update, and don’t hesitate. That’s what you all should be doing right now.
(Source: Computerworld)
You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the web.
