Android smartphone bug affects 8 out of 10 of devices.
Android dominates the smartphone market with an 80% (approx.) share. But this also mean that one single vulnerability can affect millions of devices at once .Eight out of ten Android smartphones are vulnerable due to a major bug present in Linux kernel (version 3.6) since 2012.
Developers discovered his bug one week ago. This bug allows hackers to identify host communicating over the TCP and attacking the traffic.
Affected android devices-
As said this affects 80% smartphones devices based on linux kernel 3.6, that is almost 1.4 billion . Android version 4.4 kitkat to latest developer preview Nougat are still vulnerable. Google rolls out monthly updates to carriers and handset makers, and over-the-air security updates for Nexus devices are sent by Google the first of every month.
These updates may fix this problem from much as 40% of android devices until start of October 2016.
This bug is easy to exploit, one can use metasploit to search linux kernel 3.6 TCP vulnerability. Attacker can get easy access to traffic over TCP ports without MITM(Man In The Middle) attack. However, gaining access over encrypted traffic is quite difficult but still possible using MITM. Install zAnti app, it is the easiest way to perform MITM through on your rooted phone.
If your phone is affected by this vulnerability then it is advised to use HTTPS only website and setup a VPN if possible. Check for updates regularly and be careful while using public wi-fi.
That’s all for now, share if it’s helpful. See you guys in the next post.