80% of Android Devices Are Open To Spying Due To This Linux TCP Flaw

android-linux-tcp-flaw

It has just been recently discovered that about 80% of Android smartphones are affected by a vulnerability which hackers can exploit to remotely hijack internet traffic, terminate connections, and inject malware  according to the security firm Lookout. The vulnerability has been classified as CVE-2016-5696.

The flaw was first discovered in all Linux kernel versions between 3.6 and 4.7 and when left unnoticed can facilitate a range of blind off-path TCP attacks which have an astonishing success rate of 90%. It is this first vulnerable Linux kernel version that was used to create Android KitKat.

Andrew Blaich, a security researcher from Lookout said:

If you’re running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack

The security firm discovered that although the Linux Foundation pushed a patch for the Linux kernel on July 11, 2016, the kernel wasn’t patched against this particular flaw when the latest developer preview of Android Nougat was checked. And although carrying out such an attack is not easy as ABC because the source and the destination IP addresses are requirements, it might not be a problem for attackers like ISPs and governments who have a privileged access to the network.

VPN and encryption can protect Android users

The Lookout team recommends that users make use of encrypted apps, HTTPS, and VPN in order to defeat this flaw, and for technical users, they advise that:

If you have a rooted Android device you can make this attack harder by using the sysctl tool and changing the value fornet.ipv4.tcp_challenge_ack_limit to something very large, e.g.net.ipv4.tcp_challenge_ack_limit = 999999999.

Google termed the flaw ‘moderate’, and a representative of theirs told Ars that they are aware of the vulnerability and that they are taking required actions.

About The Author
Okoi Martins Jr.
I'm a Computer Scientist with a passion for learning new things in fields ranging from theoretical implications of computer science and mathematical modeling to web development and music. In my spare time, I listen to music, read like a compiler, and learn like an A.I algorithm.

Leave a Response