In what is possibly the greatest smartphone flaw ever exposed, an online safety firm is warning Android users that a single virus-laden text could give hackers complete control over their phones.
The flaw, which was discovered by mobile security firm Zimperium, affects the vast majority of Android phones, or about 950 million devices worldwide.
Similar to the iPhone text hack discovered in May, hackers are taking advantage of the way Android phones automatically process incoming media files like pictures or videos. A video text can be engineered with malware to bypass Android’s security measures and rendering control of a user’s information, apps or phone camera and microphone to a hacker. All of this can happen simply by receiving a message. It’s also possible the text could delete itself, infecting a user’s phone without them even knowing it.
Google acknowledged the flaw to CNNMoney on Monday and assured users that there are measures that limit a hacker’s access to their phones, though hackers have bypassed these measures before in the past.
Zimperium claimed that they warned Google of the flaw back in April and even provided a fix — Google responded immediately saying that a patch would be shared with Android users. But that was 109 days ago, and Google still hasn’t completely fixed the issue, which prompted Zimperium to go public with their findings.
The flaw affects any phone using Android software made in the last five years, which includes dessert-themed versions Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat and Lollipop.
Unlike Apple, Google can’t distribute updates to all Android users efficiency because they must coordinate with Android cell-phone carriers and phone manufacturers for new software updates.
While there is a Google patch update set to be available for Android users, there is little Android users can do as of this moment to protect themselves.