Recently unearthed by the security research team at Bluebox this severe vulnerability could up to 99% of all devices manufactured in the last 4 years, or nearly 900 million devices.
This exploit which effectively installs a trojan virus inside an application on your phone can read any information (emails, texts, accounts, passwords, etc.). But not only that it can also allow the hacker to take control of any function on your phone such as making calls and taking photographs using the camera.
The power of this security hole was demonstrated by Bluebox when they changed the name of the baseband version string (which is usually controlled by the system firmware alone) to include their companies name.
Details of this security hole was disclosed privately to Google in February 2013, they say it’s up to device manufacturers to release firmware updates to plug this hole.
It is quite worrying that this vulnerability is potentially on such a large number of devices, but I have every faith in Google and the device manufacturers to get this fixed with the utmost priority otherwise the implications could be phenomenal.
It is up to you the user to install these updates as soon as they become available.
For more information on this exploit please visit Bluebox’s blog post on the matter.