INSUBCONTINENT EXCLUSIVE:
of a device's camera app to remotely take photos, record video and even spy on user's conversations and location.The flaws were discovered
by the Checkmarx security research team, which initially began researching the Google Camera app on a Pixel 2XL and Pixel 3 when they
also impact Samsung's camera app and other Android smartphone vendors as well.Director of security research at Checkmarx, Erez Yalon and
senior security researcher at the company, Pedro Umbelino explained how they were able to use a rogue app to gain control of the Google
and intents, an attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do
so.""Additionally, we found that certain attack scenarios enable malicious actors to circumvent various storage permission policies, giving
them access to stored videos and photos, as well as GPS metadata embedded in photos, to locate the user by taking a photo or video and
parsing the proper EXIF data
Checkmarx developed a malicious application as a proof of concept exploit
The weather app it created did not require any special permissions besides basic storage access which is a commonplace permission requested
by many other apps on the Google Play Store.However, in addition to its weather app, Checkmarx also set up a command and control server
which the app connects to for the purpose of carrying out an attacker's bidding
Once the app is installed and has been opened on a user's device, it creates a persistent connection to the command and control server and
waits for instructions.Even if a user were to close the app, it would still be connected to the server and an attacker could command it to
take a photo, record video, record audio from voice calls, capture GPS tags from photos and access the data stored on the device
All of the photos and videos taken by the app would then be uploaded to the server.The proof of concept exploit created by Checkmarx would
even allow an attacker to record video and take photos if the smartphone was locked.Both Google and Samsung have issued fixes for the
vulnerabilities and to prevent falling victim to a similar attack, users should update their devices to the latest version of Android, check
