VPN bypass attack possible also on Android KitKat
Posted on 29 January 2014.
Security researchers at Ben Gurion University in Israel are on a roll when it comes to discovering Android security flaws, and they revealed the existence of a critical flaw in the latest mobile OS version.


In late December, they published their findings regarding a vulnerability they initially believed to be in Samsung's Knox architecture but turned out to be an Android 4.3 flaw that allowed attacker to perform a Man-in-the-Middle attack by bypassing VPN configurations to intercept data.

On Monday, they shared that Android 4.4 ("KitKat") is susceptible to the same attack (with some modifications).

"At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation," the researchers noted in a blog post.

"Following an elaborate investigation we were able to reproduce the same vulnerability where a malicious app can bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address. These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure."

Google has, of course, been notified both times, and the researchers understandably didn't go into specific details about their exploit or the vulnerability and won't share that information until the flaw is fixed.

They haven't mentioned if they believe the flaw is being exploited in the wild by malicious attackers, so it's safe to assume they don't know. Of course, this doesn't mean there aren't any.









Spotlight

Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //