Android Phones Exposed to Remote Access Vulnerability
Some Android smartphones have been found to contain a hidden security vulnerability that could allow remote access to user data, alarming cybersecurity experts and leading to a halt in the use of these devices by a major intelligence contractor, The Washington Post reports.
The vulnerability, identified by the security firm iVerify, involves a pre-installed application known as Showcase.apk, which, though dormant by default, can be activated to potentially allow unauthorized remote access to the devices. The Showcase.apk application was discovered within certain models of Android phones, including Google Pixel devices.
According to iVerify, the application appears to have been designed for use in retail environments, allowing employees to demonstrate the device's features to customers. However, researchers found that when activated, the application could connect to a server via an unsecured "http" connection, making it vulnerable to interception by cybercriminals. This flaw could enable attackers to execute code remotely, potentially injecting malicious code or spyware and gaining access to sensitive data stored on the device.
Palantir Technologies, a data analysis platform vendor that often works with government agencies and other security-sensitive clients, expressed grave concerns about the implications of this vulnerability. The company has ceased the use of Android phones for their employees as a result.
The presence of this vulnerability on Pixel devices is particularly notable since they are known for receiving timely security updates directly from Google. Google has now announced that it will issue an update to remove the Showcase.apk application from all supported Pixel devices. Distributors of other Android phones will also be officially notified of the issue.
Popular Stories
Apple has announced that iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 will be released today following more than six weeks of beta testing.
For the iPhone 15 Pro and iPhone 16 models, the update introduces additional Apple Intelligence features, including Genmoji for creating custom emoji, Image Playground and Image Wand for generating images, and ChatGPT integration for Siri. There is also ...
Next year's iPhone 17 Pro models will reportedly feature a major redesign, specifically centering around changes to the rear camera module, and now new supply chain information appears to confirm the striking change, according to a Chinese leaker.
iPhone 17 Pro concept render
Late last month, The Information's Wayne Ma claimed that the rear of the iPhone 17 Pro and iPhone 17 Pro...
Developers now have access to cloud-based M4 and M4 Pro Mac mini units via MacWeb, a Silicon Valley-based provider of cloud services.
The company has launched three configurations of the new Mac mini, powered by Apple's M4 and M4 Pro chips. Developers and IT teams can rent these machines for tasks ranging from basic development to advanced artificial intelligence modeling, providing an...
Wednesday December 11, 2024 10:02 am PST by
Juli CloverApple today released macOS Sequoia 15.2, the second update to the macOS Sequoia operating system that was released in September. macOS Sequoia 15.2 comes over a month after the release of macOS Sequoia 15.1.
Mac users can download the macOS Sequoia update through the Software Update section of System Settings.
macOS Sequoia 15.2 adds Image Playground, an app that lets you create...
Wednesday December 11, 2024 10:54 am PST by
Juli CloverApple today made a mistake with its macOS Sequoia 15.2 update, releasing the software for two Macs that have yet to be launched. There is a software file for "Mac16,12" and "Mac16,13," which are upcoming MacBook Air models.
The leaked software references the "MacBook Air (13-inch, M4, 2025)" and the "MacBook Air (15-inch, M4, 2025)," confirming that new M4 MacBook Air models are in...
Wednesday December 11, 2024 10:03 am PST by
Juli CloverApple today released iOS 18.2 and iPadOS 18.2, the second major updates to the iOS 18 and iPadOS 18 updates that came out in September. The new updates come over a month after Apple released iOS 18.1 and iPadOS 18.1.
Subscribe to the MacRumors YouTube channel for more videos.
The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General >...
Apple today seeded the second release candidate versions of upcoming iOS 18.2, iPadOS 18.2, and macOS 15.2 updates to developers and public beta testers for testing purposes, a week after releasing the first RCs. The first iOS 18.2 RC had a build number of 22C150, while the second RC's build number is 22C151. Release candidates represent the final version of beta software that's expected to see a ...
