Bug Which Allows Hacking Android Users' Mobile Crypto Wallets Has Been Detected
November 22, 2017
Users of Android cryptocurrency wallets are at risk of hacking because of a new vulnerability that allows the MediaProjection service to capture the screen and audio content of the user. More than 75 % of all Android users are at risk, as the bug affects the Lollipop, Marshmallow and Nougat platforms.
Google has accidentally created the exploit, starting with the version Lollipop 5.0. Prior to this release, MediaProjection functionality was available only for applications at the system level and with the help of official Google keys. All subsequent systems were vulnerable to such an attack.
Apparently, when a hacker tries to start recording information from the screen, a pop-up window will appear, informing the user about it. However, hackers can cover this pop-up window with another one using a process called 'tapjacking'. Many experts have already expressed their opinion, "In addition, the SystemUI pop-up window is the only available access control mechanism that prevents abuse of the MediaProjection service. Attackers can simply bypass this mechanism by deploying this pop-up window using well-known methods to allow their applications to capture the user's screen."
Google offers a patch in the version Oreo (8.0), but all the previous versions are at risk. Cryptocurrency users who access their wallets on mobile devices can easily become victims of this exploit, and they are offered to upgrade to the newest protection system as soon as possible.