CATEGORIES
home News

Nearly 3 Million Android Phones Vulnerable To OTA Update Hijacking

by Brandon HillSunday, November 20, 2016, 03:18 PM EDT
It’s another day, and another backdoor Android exploit has been discovered. Last week, we brought you news of a secret backdoor installed on a number of budget Android devices that was beaming personal information (test messages, phone numbers, contacts) to servers in China. Today, we’re learning of another exploit that once again targets low-cost Android smartphones.

At the center of the discussion this time around is the Ragentek firmware used on a number of Android smartphones. Researchers from BitSight Technologies discovered two internet domains that were hardwired into the firmware. Until recently these domains were unregistered, so BitSight took it upon itself to register the domains to do a bit of testing.

blue studio g 2

With BitSight now in possessions of the domains, it discovered that 2.8 million unique devices have sought to connect using the exploit. The firmware dangerously allows apps with escalated privileges to be installed, with BitSight writing, “The fact that the device reached out to defined head-ends immediately after initialization implies that the devices are affected by this issue out of the box, and were not subsequently compromised through other means, such as through a subsequent update.”

One BitSight researcher took to Twitter to describe the scope of the vulnerability:

The man-in-the-middle attack (MITM) that is possible with this type of exploit is compounded by the fact that Ragentek does not encrypt communications sent to and from affected Android devices. Even more damning is the fact that code-signing is also not employed, which would allow a remote attacker to execute malicious code with root privileges using the over-the-air update mechanism.

Of the nearly 3 million Android devices that are affected, 55 different models are caught up in the mix. Unfortunately for BLU, whose devices were fingered in last week’s exploit, six of its current models are affected by this firmware malady. In fact, BitSight’s examination of the MITM attack took place on a BLU Studio G, which purchased from Best Buy. According to CERT, BLU has issued an update to address the issue on its phones.

It should be noted that while BitSight is in sole possession of two domains that are hardwired into firmware (and thus saving millions of Android users from potential attacks), there is still one registered domain that could leave users open to attack.

Tags:  Firmware, Android, backdoor, (nasdaq:goog)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment