Not long ago, we saw the emergence of sim swapping attacks utilizing a loophole in the two-factor authentication process. Now in the latest, researchers from Check Point have discovered vulnerabilities in certain Android-based phones including the likes of Samsung, Huawei, Sony, and LG which allows attackers to access your information.
These phone companies collectively happen to make up 50% of all Android phones according to statistics from 2018, therefore, chances are that every second Android user is now vulnerable to the attacks identified by Check Point.
The technology exploited is called Over-the-Air provisioning (OTA) which has been used commonly by cellular networks to update network settings on a user’s phone. As it requires nothing more than a tap, its ease of use is behind its popularity as a method to do so.
See: Popular CamScanner app for Android infected with nasty malware
How it does this is through classical phishing. When the suggested settings message appears, one is naturally inclined to believe that is must be from a legitimate authority. However, there is no actual way of verifying where it originated from due to the industry-standard contained within the Open Mobile Alliance Client Provisioning (OMA CP) protocol, and this very ambiguity is what attackers exploit.
They send OTP mes ..
Support the originator by clicking the read the rest link below.
![[DiyOtaku] Gives Old Devices A New Life](upload/news/image_1714723213_17994018.png)
