The Google Threat Analysis Group (TAG) announced that it identified spyware on mobile devices from Samsungwhich came to explore vulnerabilities in the devices, although the situation has already been controlled and corrected.
There were three vulnerabilities that were used as a chain to take part of the control of the cell phone, since the attackers had privileges to read and modify files and then expose them.
“Analyzing this exploit chain has given us important new insights into how attackers target devices. Android. It highlights the need for more research on manufacturer-specific components. It shows where we need to do more variant analysis,” he said. maddie stoneand, security researcher at Google Project Zero.
Phones attacked by spies
According to the investigation, the cell phones on which the attacks were carried out were those that used the 4.14.113 kernel and the Exynos processor, which is marketed mainly in Europe, the Middle East and Africa.
In addition, the references in which the espionage was identified were the Galaxy S10, A50 and A51, where users were taken to download a file outside the official stores, which allowed the cybercriminal to flee from the testing area of the application designed to contain your activity and access the rest of the device’s operating system.
However, the researchers were only able to obtain a competent one from the exploit application, so it is not known what the final payload was.
This situation has already been corrected by Samsung, that they committed to disclosing the vulnerabilities that are actively exploited, as they are already doing Google and Apple.
During this year, researchers also found other spyware called Hermit, which was working on Android and iOS. This had been developed by RCS Lab and was directed at governments, with known victims in Italy and Kazakhstan.
How to prevent accounts from being hacked
1. Never provide personal or financial information over the phone or email. Beware of phishing scams, in which a pop-up message arrives on your phone or email requesting personal or financial information.
two. Always use strong passwords that are at least eight characters long, that contain numbers and special characters (such as $, %, and +) and that do not contain dictionary words. Change passwords frequently and never share them.
3. Use antivirus and antimalware programs. Spyware is software that is often installed on a computer without the user’s knowledge and collects information about the user. You have to be very careful with phishing scams.
Four. Avoid using software downloaded from unknown websites or file sharing services. Rather, avoid almost all software that has not been downloaded from a trusted (official) provider. In fact, these are programs that may contain spyware.
5. Activate multi-factor or two-step verification. Almost all major services and accounts (Steam, Microsoft, Discord, etc.) they have the ability to activate multi-step verification either by email, text or through an in-app code. Security experts consider this important.
6. Never post personal information about yourself on social media and other similar sites: date of birth, place of birth, surnames, etc. Search engines can easily find this information and use it against you.