Researchers discover 8 security flaws on Android's VoIP components

Since last week, security flaws on the Android system have been discovered that could allow once exploited to be able to make calls without users' knowledge, steal the identity of vulnerable people, or put obstacles to incoming voice calls and install malware on vulnerable devices. These security vulnerabilities are exactly eight.

Related: Android mobile operating system hacked by 'Agent Smith'

those Flaws are qualified as the first of its kind. In fact, computer security researchers or computer security researchers have always academics were only interested in the characteristic elements of security equipment Equipment equipment, applications and VoIP servers. bizarrely none of them had an initiative to 'analyze the components' Google's system VoIP. This is how 3 University decided to take on this task. They were able to put in place 3 ways to analyse the Back End VoIP of many systems and have been able to systematically fully analyze the affected components to detect if there were a potential loophole in the security that can be used by hackers.

They used fuzzing as a technique the majority of their test, which is a technique of transmitting erroneous data and random components Software for then observe what behaviour there will be, which will help to detect the anomalies such as memory leaks or crashes, if any in the results.

The university team announced the week last, which it had analysed for the first time "system APIs" and Android Intent focusing on interactions with components VoIP native operating system. ». Subsequently, the researchers have installed in their lab a VoIP test bed, and conduct an analysis of the various protocols such as that:

– SIP for Login Protocol

– SDP for Session Description Protocol

– RTP for Real-time Transport Protocol

After analysing the newspapers and carrying out source code audits, including analyzing the latest versions of Android such as: Android; Android 7.0; Android 9.0 and Android Pie. Finally, nine security flaws were discovered, they ended up reporting to Google, some of which have already been Corrected. Of the 9 security breaches, there were eight Back end VoIP from Android. The remainder was for a third-party application.

Thanks to one of its flaws, malware installed on the device could launch a VoIP call without the user's knowledge through an application called VK. It can also be able to listen to all the exchanges that phone users will hear. They also added that no interaction is required to be able to exploit the security flaw. "The bug is ideal for being integrated with Android spyware, Remote Access Trojans (RATS) and other types of malware. they also explain: "For example, by physically defining "sipuser" and "serverip" in the format of Figure 10 (a), mProfileDirectory becomes "/data/data/-com.android.phone/files/alice/@SomeSite/.. /. ./.. /.. /.. /.. /sdcard/ "and allows the SIP profile file to leak onto the SD card. A permanent denial of service can also occur if "serverip" is configured to crush the file of another system application, for example mmssms.db as shown in Figure 10 (b). a little technical but to say that its flaws are quite dangerous. Together with Google, they are trying to fix it by keeping a security fix in place.

Now access an unlimited number of passwords: