Android update from Google – Bad News for Samsung and Pixel users


Update: republished on April 10 with confirmation that cyber attacks now target Android phones with new sophisticated spy software.

We live in interesting times. For the third consecutive month, Google has confirmed the bad news that Android phones are under attack, as another routine monthly security release is transformed into an emergency update-now warning. This time there is a critical difference, with major implications for Pixel and Samsung.

“There are indications,” warns Google, that CVE-2024-53150 and CVE-2024-53197 “may be under limited, targeted exploitation.” The first is a memory vulnerability in the Android kernel, leaving a device exposed to the exfiltration of local data. If that is reminiscent of forensic exploits, the second vulnerability hammers the point home. This is another of the flaws known to have been exploited by Cellebrite in Europe.

Although Android zero-days may now be the norm, what is not the norm is Samsung matching Pixel's pace in rushing out these updates. Last month, the Galaxy maker again missed one of Android’s exploited fixes. But March's CVE-2024-50302 is included in Samsung's April update, a month behind Pixel. More notably, the two April Android fixes are also included in Samsung's April release. It’s a big problem.

According to Android hardener GrapheneOS, these “2 other vulnerabilities marked as being exploited in the wild [are] both vulnerabilities for locked devices,” and its software “made both much more difficult to exploit while unlocked.” It says that the two vulnerabilities “were used by Cellebrite for data extraction from locked Android devices.”

With perfect timing, the need to ensure that Android (and iPhone) phones are always updated when new security fixes are released has been reinforced by a series of government agencies. “In new advisories,” the cyber arm of the British spy agency warned, “the National Cyber Security Centre (NCSC), part of GCHQ, and agencies in Australia, Canada, Germany, New Zealand and the United States have revealed details on how malicious cyber actors use two forms of spyware to target individuals.”

The latest attacks were attributed to actors affiliated with the Chinese state, targeting “the Uighur, Tibetan and Taiwanese communities as well as civil society groups … Malicious software – nicknamed Moonshine and BadBazaar – hides malware inside otherwise legitimate applications in a technique known as ‘Trojanization’.”

These trojans hijack a device, accessing microphones, cameras and on-device data, including messages and photos, as well as deploying real-time monitoring. These types of vulnerabilities are exploited by forensic companies, cybercriminals and state actors. There is a constant game of cat and mouse with Google, Samsung and other OEMs – as well as Apple – to stay ahead, or rather not too far behind.

But Samsung has been late with security updates just as the Android world is also obsessed with its delays in upgrading the Android operating system. With notable timing, these security updates arrived on the same day that Samsung finally began to deploy its stable One UI 7 / Android 15 upgrade to its 2024 and 2023 flagship products.

Once again this month, we have seen forensic exploits patched by one of Android or iPhone; the two global operating systems are clearly vulnerable to the deep pockets of an industry set up to break device security. Samsung's One UI 7 includes new protections against these forensic exploits, and Android 16 seems set to match the iPhone's restart, which makes these exploits more difficult. Interesting times indeed.
