Android is one of the most popular mobile OS of our times, which makes it vulnerable to security hacks. Today, a new exploit has been discovered by MWR InfoSecurity that targets Android versions ranging from Android 5.0 Lollipop to Android 7.1 Nougat. This exploit tricks users into recording their screen without knowledge. In simple terms, your mobile screen content is being secretly recorded, and you may be having no idea about it.
According to a report published by MWR InfoSecurity, the exploit involves Android’s MediaProjection framework that was launched with Android 5.0 Lollipop. It offered developers ability to record phone’s screen alongside system audio. In previous Android versions, the screen recording apps were required to run with root prerogatives or signed with special keys, but with Lollipop and versions that came after that, developers had access to the screen capturing feature without any root permissions.
The report states that Google patched this vulnerability in Android 8.0 Oreo, but as most of the Android devices are not running Oreo, the threat still persists and can affect the majority of users.
Submitted by: Arnfried Walbrecht