Android Malware Records Calls, Tracks Location

John Lister's picture

Google is fixing an Android bug that let hackers remotely capture videos and images without permission. The bug could also have revealed the user's precise location, making it particularly dangerous if exploited by stalkers.

Security researchers at Checkmarx discovered the bug in several default camera apps on a variety of Android phones, including the Google and Samsung apps. (Source: arstechnica.com)

The bug could only be exploited once malware was on the phone, but even then it still shouldn't have allowed such an attack. That's because it involved using a rogue app on the phone to access the official camera apps.

In turn that would let the rogue app bypass the Android permissions system that is supposed to restrict particular functions - such as using the phone's camera - to authorized apps. This meant the rogue app was able to take a photo or record video at any time, even if the phone was locked, the screen turned off, or a voice call was in progress.

Image Files Reveal Location

While that was slightly creepy, what made the bug particularly dangerous is that it allowed the rogue app to take a photo, then immediately examine the EXIF data of the resulting file. EXIF data is attached to every digital photo file which includes details of when it was taken, it's resolution and, in many cases, the precise GPS location.

In other words, a stalker who was able to exploit the bug (and get the malware on the phone in the first place) could not only turn the phone into a spycam, but could also easily get the owner's location at any time.

Cheeky Trick Records Phone Calls

When demonstrating the bug, the researchers were even able to combine the exploit with access to the proximity sensor. That's a part of the phone that detects when somebody holds the handset up against their face to make a call and temporarily turns off the touchscreen input so users don't "press a button" with their cheek.

Access to that sensor isn't normally considered a security risk. The problem here was that in the demo, the researchers were able to use it as a trigger to automatically start a video recording. In turn, that meant they could capture the audio of a phone call without needing to be constantly recording.

Google has issued a patch for its own brand of phones while Samsung says it is also releasing a fix. Checkmarx says it was impressed with the professionalism of both companies and that it worked with them to responsibly disclose the bug. (Source: checkmarx.com)

What's Your Opinion?

Are you surprised such a bug was possible? Do security researchers help by thinking of such potential abuses? Does it matter that there might only be a very small crossover of people with both the technical skills and desire to abuse such a bug?

Rate this article: 
Average: 4.8 (6 votes)

Comments

dbrumley3077's picture

So what rogue apps are working with this bug? Has Google already removed them from the store ? I assume the fix will prevent any "rogue apps" from exploiting this bug, since the bug will be fixed.

No mention of other Android phones such as LG or Huawei phones regarding a fix, but good to know about this threat.

ronangel1's picture

This is why I always have a small piece of tape over the camera in laptop as can be switched on without you knowing by these bugs. If you are dressing or undressing yourself or CHILDREN with open laptop in the background awaiting your next message some one could be recording the pictures!
I also have tape on phone cameras when not in use takes fraction of a second to remove tape. No camera connected (USB Unplugged,when not in use) and microphone with hard switch on, desktop off if not in use.
Even if you are paranoid they could still be watching you....
Also if someone posted pictures of me naked on the internet probably close the whole thing down!

Unrecognised's picture

I do the same; have done for years. There should be lids/covers/doors for these things.