We all know that Facebook was caught up many numbers of times before while performing fraud with its users. And now, its time for Google, one of the well-known and most popular search engine Google has introduced a type of vulnerability in Android which helps hackers to enter and hack the data of the user and use that data to earn money and shockingly, this all can be done through hijacking camera of the user. And after that, they can capture the user’s personal photos and record footage even when your phone is locked or the screen is off.
This loophole is founded by the researcher’s and it was founded in the Google Camera app. The issue (filed under CVE-2019-2234) modified Pixel phones but additional dropped over to devices from Samsung and other manufacturers.
“An attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do so,” the researchers write. “Additionally, we found that certain attack scenarios enable malicious actors to circumvent various storage permission policies, giving them access to stored videos and photos, as well as GPS metadata embedded in photos, to locate the user by taking a photo or video and parsing the proper EXIF data.”
We appreciate Checkmarx bringing this to our attention and working with Google and Android partners to coordinate disclosure,” the company said in a statement. “The issue was addressed on impacted Google devices via a Play Store update to the Google Camera Application in July 2019. A patch has also been made available to all partners, one of the spokespeople said.
But one thing I found good that Google thank those researchers for their efforts in finding that bug. But at present, this bug has already been finished out. But as per se, Google’s Project Zero research, it must grab a from finding bugs in iOS.