1.4 Billion Android Running Devices Vulnerable to Internet Traffic Hijacking
Android is the most popular OS in the world and it dominates the smartphone OS market authoritatively. However, being the king comes with advantages and disadvantages. Just ask Microsoft about computer viruses and exploits, things which are virtually absent in Max OSX and other niche operating systems. Today’s piece of troubling news is that almost one and a half billion Android running devices, including smartphones, tablets and even Smart TVs are vulnerable due to a Linux flaw (Android is Linux based) which affects basically 80% of tablets and smartphones running Android 4.4 KitKat and above.
To make matters worse, it seems that even the Nougat is vulnerable…The aforementioned security flaw is dubbedÂ CVE-2016-5696Â and is now affecting something like 80%+ of the Android ecosystem. According to internet security firm Lookout in a blog post published a couple of days ago, theÂ CVE-2016-5696Â is present in all Android versions since the KitKat 4.4 including the developer preview for Nougat. Translated into real life figures and consequences, this means that the vast majority of Android running devices are prone to hack attacks which may compromise your network security and the privacy of your on-line based communications.
Everything is up for grabs, ranging from man-in-the-middle attacks, which can intercept your internet data traffic to voice-calls (VoiP) and what not. The good thing is that the respective flaw is pretty difficult to exploit, meaning that you won’t be hacked by your 12 years old next door neighbor. However, the risk is very high especially for targeted/on demand attacks. Macs and Windows based devices are not affected by this vulnerability and according to a Google press release, their internet security engineers are aware of the problem and they’re trying to mitigate it ASAP. As a temporary precaution measure, make sure that all of your internet traffic is encrypted and all the websites you’re visiting/all apps are using HTTPS; it would be also advisable to use a VPN until things get sorted out.