New Android vulnerability susceptible to phishing attacks by SMS

By -

The smartphones with Android can be as “ready” as you want. However, that does not mean they are safe. Just discovered one new vulnerability that affects many OS versions of Google , especially to cool.This is a security hole that encourages attacks phishing via short messages ( SMS ), what experts have dubbed ” SMiShing “( SMS-phishing ). The operation is simple. The user is downloaded to your device Android an infected application that exploits this vulnerability to create fake text messages and send them to mobile phones other people listed in the address book.

These messages can be vehicles for attacks phishing , for collecting personal and financial information , such as account numbers, passwords and passwords. In fact, last Thursday the retail chain Wal-Mart was the star of one of these attacks SMiShing . The hook to get personal data was claim a gift certificate (false) worth a thousand dollars. The distributed short message text read: “Dear customer, Wal-Mart, Congratulations you won a gift certificate for $ 1.00. Click this link to claim your prize. ” The victims of deception that have just entered the link in a fraudulent website that requests your personal and financial data to “process” the gift voucher.


Cybercriminals running these attacks SMiShing profiting pursue precisely those personal and financial data. The discoverer of this new vulnerability is a researcher at the University of North Carolina, in the United States, called Xuxian Jiang . Jiang said that has reported the security hole to Google, and has been surprised by the speed of response, in just ten minutes. Since Google has promised that security hole cover in future versions of Android.

This research has confirmed that the scope of the vulnerability affects many different smartphones: Google Nexus S, Google Galaxy Nexus, Samsung Galaxy S 3, HTC Inspire One X and HTC, among others. Then of platforms, ranging from affected versions Froyo (2.2.x) to Jelly Bean (4.1) throughGingerbread (2.3.x) and Ice Cream Sandwich (4.0). Besides, Jiang stressed that this is a serious vulnerability , because it requires the intervention of a second type of malicious code exploit , which is responsible for requesting authorization to launch the attack. With that facilitates the action of cybercriminals.

Until Google cover that gap in security , you can take some precautions . For example, do not download (or install) on the Android smartphone or tablet no applications from unknown sources. It should also carefully read the text short messages received, and be very cautious before you click on links contained therein.

He has over 5 years of experience as Online Media and Marketing Consultant, which allow him to enable companies to enhance and meet their Digital marketing goals. He has experience as both in-house and Agency Digital Marketing Experts. Ha has spent the most recent 4 years of his career focusing building Strong terms of Digital Marketing for his clients. In addition to his strengths on Building Brands and Serving Online Marketing strategy for his clients.

Comments are closed.