Published on November 6th, 2015 📆 | 3836 Views ⚑0
SDK Security Flaw Puts 100 Million Android Users Vulnerable to Backdoor Attack
A software development kit that has been provided by Baidu (A Chinese search engine) can easily be exploited for installing backdoors on Android devices.
About 100 million users are in danger of getting affected due to this vulnerability as according to Trend Micro‘s report the SDK has been used to make 14,112Android applications till now. Out of these 14,112 Android applications, 4014 have been made by Baidu itself.
This SDK is known as Moplus and on opening it launches an HTTP server. The HTTP server runs in the background and the users hardly have any idea about it.
The server can be controlled by the hackers and they can send commands through a particular port to execute their commands. Currently, researchers found SDK using 2 ports i.e. 6529 and 40310.
But, you must be wondering how come hackers are able to handle the server so easily? Well, HTTP is a web server which is launched by SDK on startup so for hackers they only need to scan the mobile networks and find the ports they are looking for, next is sending the commands to the ports to execute.
Here is a list of tasks hackers can ask for ports to execute:
* Get phone details
* Send SMS messages from the phone
* Make phone calls
* Add new contacts
* Download files on the device
* Upload files from the device
* Get a list of local apps
* Push Web pages
* Trace phone’s geolocation.