Dorblue
Essential
- Joined
- 28.09.20
- Messages
- 93
- Reaction score
- 258
- Points
- 33
Devices running Android version 10 and earlier are vulnerable to attacks.
Specialists of the information security company CENSUS presented details about the vulnerability they discovered in WhatsApp for Android, which allows you to carry out a Man-in-the-Disk (MitD) attack. The vulnerability, which received the identifier CVE-2021-24027, has already been fixed in the latest versions of the messenger, so the researchers decided to tell the general public about it.
According to experts, attackers can carry out a simple phishing attack using WhatsApp and steal data stored on the memory card of an Android device. In addition, the vulnerability allows you to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions, with which attackers can carry out a man-in-the-middle (MitM) attack and compromise the connection of the WhatsApp application, remotely execute code on the victim's device and extract the Noise protocol keys used for end-to-end encryption of user connections.
The attack presented by the researchers works on Android versions 9 and earlier. A similar attack can also be carried out on Android 10, if you use file access, but the CENSUS experts decided not to include its description in their report for reasons of saving time.
"Even without Android 10, the number of affected devices remains very large. According to Appbrain statistics, today the number of devices running Android up to and including version 9 may well account for 60% of all devices running Android, " the report says.
Specialists of the information security company CENSUS presented details about the vulnerability they discovered in WhatsApp for Android, which allows you to carry out a Man-in-the-Disk (MitD) attack. The vulnerability, which received the identifier CVE-2021-24027, has already been fixed in the latest versions of the messenger, so the researchers decided to tell the general public about it.
According to experts, attackers can carry out a simple phishing attack using WhatsApp and steal data stored on the memory card of an Android device. In addition, the vulnerability allows you to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions, with which attackers can carry out a man-in-the-middle (MitM) attack and compromise the connection of the WhatsApp application, remotely execute code on the victim's device and extract the Noise protocol keys used for end-to-end encryption of user connections.
The attack presented by the researchers works on Android versions 9 and earlier. A similar attack can also be carried out on Android 10, if you use file access, but the CENSUS experts decided not to include its description in their report for reasons of saving time.
"Even without Android 10, the number of affected devices remains very large. According to Appbrain statistics, today the number of devices running Android up to and including version 9 may well account for 60% of all devices running Android, " the report says.