contador pagina web Saltar al contenido

A flaw affects thousands of Android smartphones

Some manufacturers of Android smartphones are currently singled out by security expert Kevin Beaumont, who does not directly quote them in order to limit the exploitation of the flaw discovered on the terminals.

According to him, on some Android devices, the Android Debug Bridge (ADB) which allows you to send commands directly from a computer to install applications via USB or wirelessly via the 5555 bridge would have remained activated by default. Clearly, this is a front door left wide open for possible intrusions.

malware_Android_BT-GNT

Usually, this door is not opened by default, the risks of seeing the fault exploited are far too great. But some manufacturers would have been negligent. Worse, the flaw is clearly known to hackers since GreyNoise Intelligence and Project Heisenberg have demonstrated a strong increase in scans performed on TCP port 5555 since February, demonstrating the willingness of hackers to find terminals affected by this ADB flaw.

Another alarming fact, the discovery by Qihoo 360 of a worm aptly named ADB.Miner specialized in the exploitation of this flaw to install a cryptocurrency miner without the knowledge of the user. More than 5000 terminals would have been infected with the worm in 24 hours.

Are you concerned by this flaw? To find out, simply go to your smartphone's settings, in the "About the phone" section and type 7 times on the build number to activate the options dedicated to developers. Once in the new menu, it suffices to note whether the USB Debugging and Wireless ADB Debugging options are enabled or not (they are supposed to be disabled).