Android camera bug could have turned phones against their users

Android flaw let apps take control of owners' camera and silence the shutter

Android flaw allowed attackers to spy on users through phone camera

Checkmarx first alerted Google and Samsung to the flaw over the summer. This shocking news was revealed yesterday by security firm Checkmarx, after it discovered some major flaws in Google's camera app for Android devices, as well as that from Samsung.

If you're not sure whether your smartphone's manufacturer has issued an update for your phone's camera app that fixes this bug, one way to find out is to try exploiting the bug yourself (which comes care of Ars Technica).

Multiple vulnerabilities affecting Google and Samsung smartphones could allow hackers to remotely spy on users through their phone's camera and speakers, according to the security research team at Checkmarx.

Pompeo looking to leave State Department, run for Senate
Pompeo defended himself after heated criticism from former diplomats that he has not stood up for the State Department. Trump's relationship with Pompeo, who vocally defends his global policy and faithfully, has been seen as unbreakable.


However, in this particular case, it was discovered that merely having permission to access the storage region of the phone gave the apps unrestricted ability to use other features of the camera. What's more, the audio-video permission also allows the hacker to automatically record phone calls from both sides of the conversation.

In a blog post on CheckMarx, the security researchers explained how they were able to bypass the restrictions in place on Android phone and access information that shouldn't be available to anyone.

Both of these vendors have fixed the problem in their own implementations of the Android camera app. Google rolled out the fix in July this year to the Google Play store. As of now, it's unclear of any other manufactureres have addressed this issue.

2019, année record pour les Fennecs ? Oui et non — Algérie
Le meilleur joueur de la CAN devance Mahrez, Belaïli et Slimani (3 passes chacun) mais aussi Bounedjah et Atal (2 passes chacun). A noter que les adversaires seront connus à l'issue du tirage au sort des groupes qui sera effectué le 15 janvier 2020.


After ADB is installed and configured, plug your Android phone into your PC with the USB cable. It affects Google Camera and Samsung Camera apps that have not been updated since July 2019. What it doesn't say, though, is whether any third-party vendor other than Samsung has responded, taken action, or shown itself to be unaffected.

Google has since confirmed the issue, thanking the researchers for their work. Since this vulnerability extends into the broader Android ecosystem, Google has already notified its OEM partners and sent out patches to them.

Google has answered to this take a look at from Checkmarx in a assertion: 'We love Checkmarx bringing this to our attention and working with Google and Android companions to coordinate disclosure'.

Kim Kardashian Reacts to Kylie Jenner's $600 Million Deal
She was fearless enough to declare this publicly as she was exhausted of answering questions about the same topic again and again. It was in October of this year when the family reappeared in the newspapers when Caitlyn celebrated her 70th birthday with them.


To demonstrate the flaw, the security firm created a proof-of-concept rogue app that exploited the weakness. Global Positioning System data could easily be extracted from the images if the feature is enabled in the camera app. Additionally, the flaw might also be used to access the microphone and might even get access to the user's current location through the photos or videos made. Those running a GCam mod on their devices need to also check that they're based on a newer version of the app.

Latest News