The Samsung Google has discovered security vulnerabilities in its uniquely developed software. According to Android, these flaws were exploited by the spyware company: Vulnerabilities in the code would allow an attacker to gain read-write privileges of the kernel as root and eventually expose device data.
Google Project Zero security researcher Maddie Stone said in a blog post that the exploit chain targets Samsung phones with Exynos chips running with a certain type of core. These devices are mainly sold in Europe, the Middle East and Africa, which may be targets for surveillance. According to Stone, Samsung phones running the affected core include the S10, A50, and A51.
The flaws, which have since been patched, were exploited by a malicious Android app that could trick users into installing them from outside the App Store. The malicious application allowed the attacker to access almost any data stored on the devices.
The The Google He declined to name the spyware company, but said the exploit followed a similar pattern to recent device infections where malicious Android apps were misused to target powerful government surveillance spyware.
Earlier this year, security researchers discovered Hermit, an Android and iOS spyware developed by RCS Lab, used by governments in targeted attacks with known victims in Italy and Kazakhstan. Hermit is designed to trick the target into downloading and installing the malicious app from outside the App Store, like an app disguised to help the carrier, but then silently stealing the victim’s contacts, audios, photos, videos, and precise location data.
A monitoring provider called Connexxa has also used side-loaded malicious apps to target Android and iPhone owners. The most famous is The manufacturer of Pegasus was NSO Group.
Google reported the three vulnerabilities to Samsung in late 2020, and Samsung rolled out fixes for affected phones in March 2021, but it didn’t reveal at the time that the vulnerabilities were actively exploited, according to reports. Take Crunch.
