Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on August 16, 2016

80% of all Android devices are vulnerable to hackers hijacking their Web traffic


80% of all Android devices are vulnerable to hackers hijacking their Web traffic Image by: Shutterstock

A bug that was first found in version 3.6 of the Linux OS kernel (released in 2012) allows attackers to terminate a device’s connections to servers and applications. It could also be exploited to spy on unencrypted traffic or inject malware into the user’s data stream.

The security flaw, which was noted by security firm Lookout on its blog, is worrying because it’s also present in Android KitKat 4.4 and later versions. That means that 80 percent of all Android devices, or about 1.4 billion of them, are affected and vulnerable to attacks.

There’s good news and bad news. The bad news is that this enables a hacker to eavesdrop on your communications without having to compromise the network to do so, i.e. initiate a man-in-the-middle-attack.

The good news is that the flaw isn’t exactly easy to exploit; it’d take almost a minute to attack a single user, and so it wouldn’t be practical to use this for large swathes of people. However, it’s suitable for targeted attacks on individuals.

Plus, Google told Ars Technica that company engineers are already aware of the flaw and are “taking the appropriate actions.” Vulnerability CVE-2016-5696 has already been patched in the Linux kernel, and it’s likely that a fix for Android will arrive soon.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with