Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Upgrade your Android device before your mobile wallet gets hacked.
Mobile Android cryptocurrency wallet users are at risk for hacking because of a new vulnerability that allows the MediaProjection service to capture the user’s screen and audio content. More than three-quarters of all Android users are at risk, as the bug affects the Lollipop, Marshmallow and Nougat platforms.
Google has accidentally created the risk, since the release of Lollipop 5.0. Prior to this release, the MediaProjection functionality was only available to system-level applications and through release keys. All new systems since have been vulnerable to this type of data attack.
Popup coverup
Apparently, when a hacker seeks to start recording screen information, a popup will appear, informing the user. However, hackers are able to cover that popup with a second popup in a process called ‘tapjacking.’ According to experts on the topic:
"Furthermore, the SystemUI pop-up is the only access control mechanism available that prevents the abuse of the MediaProjection service. An attacker could trivially bypass this mechanism by using tapjacking this pop-up using publicly known methods to grant their applications the ability to capture the user’s screen.”
Google has offered a patch in the Oreo (8.0) version, but all previous versions are at risk. Cryptocurrency users who access private wallets on mobile devices could very easily have their wallets hacked via this system and are encouraged to upgrade to the latest system for protection.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.