The deadly Stagefright vulnerability recently affect 95% of Android devices and a large number of smartphone makers had to roll out security patches to fix the bug. Now a new lockscreen hack has been discovered for Android smartphones.
Apparently, the new lockscreen hack puts Android phone vulnerable to full control by hackers despite being in a locked mode. The latest hack was discovered by a security analyst at the University of Texas’s information security office in Austin. The hack affects devices running versions of Android 5.x to gain complete control of the device and all the data stored on it. It involves inserting an extremely long string of characters into the phone’s Emergency Call dial pad and repeatedly pressing the camera shutter button from a locked Android phone.
The hacker then swipes open the camera from the locked phone, accesses the options menu, and pastes the characters into the resulting password prompt. The handsets unlock after this instead of returning an error message. The analyst says that by using that access to enable developer mode, an attacker could also connect to the phone via USB and install malicious software. Google had released fix for the vulnerability in the “LMY48M” Android 5.1.1 build last week for the Nexus 4, 5, 6, 7, 9, and 10.