Google Pixel 2 devices are vulnerable to hacking by NSO an Israeli spyware. Google researchers warn that hundreds of millions of devices are vulnerable, as is the case with the Huawei P20 and Samsung S8 and S9 models.
Google issued a warning about a new vulnerability of hundreds of millions of Android phones, including its own Pixel 1 and 2 devices. According to Maddie Stone, a Google security researcher, this weakness is being actively used against targets of the Israeli group spyware trader.
If you have any of the following phones, your device is likely to remain vulnerable today because the patches are not yet available. This is the list of the phones that are still vulnerable to this hack:
- Google Pixels 1 and 2
- Huawei P20.
- Xiaomi Redmi 5A, Xiaomi Redmi Note 5 and Xiaomi A1
- Moto Z3
- Oreo LG
- Samsung S7, S8 and S9 phones
These are some of the most popular Android phones to date. According to data from the Chinese company in late 2018, Huawei sold more than 16 million P20 smartphones worldwide (a source told Forbes after publication that the number of vulnerable devices is probably much higher, because this is the only thing that Google could test).
Stone says that the main problem was solved on Android in December 2017, but Pixel 2, with its latest security bulletin, is still vulnerable according to source code verification. The same applies to all other Android phones, although Google has not explained why the fixes do not prevent the latest exploits from working. Google also failed to why it blames the Israeli group NSO for the hack
However, an ONS spokesman stated: “The NSO has not sold any exploits or vulnerabilities and will never sell them. This result has nothing to do with ONS; our work is focused on developing products that support security and law enforcement that are competent to save lives.
Hack explained and corrected
The problem was identified by Stone as an error in scaling the kernel privilege, which means that the hacker, who had already found a way to access the device, can now gain deeper access at the heart of the Android operating system. By taking control of the kernel, the hacker can do almost anything over the phone, collecting most of the kernel data. Those who took advantage of this vulnerability would probably have taken advantage of other bugs by combining them into an exploit chain to remotely own the Android device. After all, that’s what NSO does; the company has earned a reputation for its ability to focus and capture smartphones remotely.
As Stone pointed out if the hack had been transmitted over the Internet it would have required only another exploit. Just last month, similar attacks were launched in China where Uyghur sites were attacked and used to infect the iPhones and Android smartphones that visited them.
Tim Willis, director of the Google Project Zero security research team, said the problem was assessed as “very serious” and added that the malicious application can also be used to launch an attack through the vulnerability.
At least the patch for pixel users is on its way. The Google representative added that Pixel 3 and 3a devices are not affected by this problem, and Pixel 1 and 2 devices will be protected by the October security update, which will be available in the coming days. In addition, the partners received a patch to ensure that the Android ecosystem is protected against this issue.
Israeli Hackers for Rent
The NSO group is one of many Israeli start-up companies involved in the invasion of the world’s most widely used operating systems for national intelligence and police services. On Thursday, Forbes revealed the details of one of the youngest members of this clandestine community, Candiru, who, according to one investigator, sells to various regimes, including Saudi Arabia, the United States and Uzbekistan.
These companies had to deal with negative reactions to their list of authoritarian clients after it was discovered that their tools were being used to spy on and locate human rights activists, journalists and lawyers around the world. Last year, Forbes showed that several Saudi activists, some of which are closely linked to the murdered journalist Jamal Khashoggi, were attacked with NSO instruments. NSO later stated that they are in no way connected to the death of Khashoggi.