Tags: android | vpn | kitkat | flaw

Android VPN KitKat Flaw Exposes Phones, Other Device to Hackers

Wednesday, 29 Jan 2014 11:29 AM

By Michael Mullins

  Comment  |
   Contact  |
  Print   |
    A   A  
  Copy Shortlink
A VPN vulnerability exists in Android's KitKat 4.4 version, according to security researchers from Ben-Gurion University's Cyber Security Labs in Israel. It allows  a malicious application to intercept information as it is entered into the smartphone, tablet or other device.

The flaw also exists in Android's Jelly Bean 4.3.

In their findings, the researchers found that the hacker can bypass a VPN connection through the app and subsequently route all data communications from the device to a network belonging to the attacker, PCWorld.com reported.

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

"These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed," the researchers wrote on their blog earlier in the month. "This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure."

A VPN, or virtual private network, is an encrypted program that allows companies to securely connect their employees to a corporate network from remote locations.

Though the researchers demonstrated how the malicious app works in a video, seen below, they would not publish technical details as to how the breach is carried out due to the possibility that it could expose more vulnerabilities of the system, PCWorld reported.

The researchers have reportedly submitted their findings to Google, the maker of Android, and are awaiting a response from the company.

The findings were connected to a prior project involving vulnerabilities with a Samsung KNOX program, which is designed to enhance security on the Android platform.

Samsung’s response to the researchers findings prompted them to investigate the issue further and led to the discovery of the VPN bypass, PCWorld.com reported.

"In the first finding we reported to Samsung the vulnerability details and an example exploit where an attacker can intercept, block, and alter data communications (non SSL/TLS and non VPN)," the researchers wrote on their blog. "We also stressed the point that other kind of attacks can take place via the same vulnerability. In our continued investigation of the vulnerability we found that an attacker can, in fact, do much more harm."

Google has yet to respond to the alleged security breach.

Editor's Note: ObamaCare Is Here. Are You Prepared?

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print   |
  Copy Shortlink
[Error loading the WebPart '']
Value cannot be null. Parameter name: virtualPath
Send me more news as it happens.
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

Val Kilmer Weight: Star Sheds Pounds, But Has It Gone Too Far?

Tuesday, 23 Dec 2014 18:55 PM

Actor Val Kilmer is drawing attention for his dramatic weight loss.
The "Batman Forever" star, 54, was seen shoppin . . .

McDonald's: Gun Pulled by Man Over Missing Drive-Thru Cheeseburger

Tuesday, 23 Dec 2014 20:12 PM

A man in Nashville, Tennessee, is accused of pulling a gun in a McDonald's restaurant and complaining that his drive-thr . . .

Amy Van Dyken: Accident Changed Outlook and 2015 Will Be 'Awesome'

Tuesday, 23 Dec 2014 19:57 PM

Olympic gold medalist swimmer Amy Van Dyken is showing an increased appreciation for life after an ATV accident this sum . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved