What you need to know
- A vulnerability found by security researchers at Checkmarx allowed for an app with only storage permissions to access the camera on your Android phone to take photos and videos.
- The flaw was found to be present in the Google Camera and Samsung Camera apps, as well as other Android OEMs.
- Samsung and Google have since patched the flaw and Google has informed all its OEM partners and issued them patches for the vulnerability.
Recently, a security flaw was made public that allowed the camera on your Android phone to spy on you. The vulnerability was found by security researchers at Checkmarx, and it allowed for an app with only storage permissions to take control of the camera app on your phone to take photos and videos.
The team at Checkmarx found this vulnerability to be present in both the Google Camera and Samsung Camera apps, as well as camera apps from other smartphone makers. In a video demo, Checkmarx used a Pixel 2 XL running Android 9 to show how this flaw worked and several scenarios of how it could be used to spy on you.
It starts by installing an app that only asks for storage permissions on your phone, a permission that is quite common among apps. In this case, Checkmarx used a weather app that then gave an attacker access to your phone with the ability to open the camera app and take photos or videos. Not only could the attacker remotely trigger your camera and view the photos or videos, but they could also view the GPS data to get your location, as well as check the status of the proximity sensor to ensure you were not looking at the phone to see the camera app was active.
Given that the attacker could take video footage, that means they could also record the audio, giving them full access to eavesdrop on your conversations.
Thankfully, Google and Samsung have already patched the vulnerability, with Google doing so back in July with a Play Store update. Google also informed all of its OEM partners about the flaw and sent patches out to them as well.
It just goes to show the importance of regular security updates for phones, and now is as good a time as any to make sure your phone is running the most current OS and all of your apps are up to date.
We may earn a commission for purchases using our links. Learn more.
The Samsung Galaxy Z Fold 3 will need all-new glass if it has S Pen support
Half of what makes the S Pen great lives inside the display. Getting that half to work well with a folding screen isn't going to be an easy feat.
You voted: these are the best Google Play apps, games, and movies of 2020
The winners of the Google Play Users' Choice Awards have been announced, highlighting this year's favorite apps, games, and more.
Cyber Monday Canada: Last-minute deals for everyone on your list
There's no getting around it: Cyber Monday is the best time to buy the tech (and other stuff) on your wishlist.
These are the best rugged cases for the Samsung Galaxy Note 9
With the Note 9 ranking as one of the most expensive phones on the market in 2018. Whether you ended up buying one back then or just got your hands on one today, the last thing you want is some unsightly cracks or scratches from a hapless drop.