Is Your Smartphone Actually Vulnerable?

September 16, 2016 | Views: 6896

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

There was a time (way, way back) when Android developers used to only root their mobile devices! But, like everything else, as time passed, Android users increased and users became more sophisticated as they wanted to know what rooting was.

I was saddened about the fact that 50-60% of Android phone users in India do not know what rooting even is. But, now I am happy that they don’t know what it is. Why? I’ll tell you. Simply put, nowadays there are plenty of apps that are available for download, for free, that can root your phone without the knowledge of recovery mode, TWRP,  cwmiRoot, 360 root, RootGenius, and so many more.

These apps are legitimate and are used worldwide! The app developers who develop those types of applications use code that is easily exploited – WHAT?! Yes, you read correctly. In other words,  the code itself is a malicious code that can gain root access and do any sort of malicious thing on your phone. I know, it’s hard to believe, but yes :'(

Researchers have confirmed the code can easily be reverse engineered, and some of the codes are famous exploits such as Tower root, Ginger-break etc. These exploits have been reviewed and reverse engineered by computing researchers and they have concluded that they have identified nearly 170 exploits from a single provider.  Here’s the worst part – no Antivirus program is able to detect any of that since they use AV evading techniques and are undetectable!

I hope this has opened your eyes to the dangers of mobile devices and what you chose to install on them. Be careful! Only use stuff from trusted sources and monitor your devices for funny looking activity. That’s all guys. Thanks!!!!

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
12 Comments
  1. So if I understand this correctly, if I “rooted” my phone (android) I would be able to unload all the apps that come pre-loaded (don’t want), after this I assume I can un-root and this will give me the safety aspect whilst I will have given myself more space??

  2. Idon’t really get what this rooting is, is it the ability of the maliciuos codes to enter ones’ device that is call rooting or the ability of one to download an application that contains the viral infested apps? Also how can one stop apps from gaining access to ones’ device?

    Thanks.

    • I wonder if this term is the same as “jail breaking”?

    • Having been developing custom ROMs for myself and friends since the days of the first android OSs (G1 in 2009), I’ll try to keep it simple.

      Rooting is gaining full user access of the root directory. The root directory is practically the base of your phone below the operating system, system, data, and even caches.

      You’re able to install a custom bootloader, custom Modem, custom recovery, custom ROM etc. This, in turn, allows you to de-bloat your phone (removing unwanted or unneccesary programs included by the manufacturer or distributor, thus allowing your phone more storage space), to transfer apps to SD, speed up your phone (overclocking), increase battery life (underclocking, or alternative process management), etc etc…

      It could be synonymous to “jail breaking” on iPhails, if one is no longer an iSheep, but it does a lot more (yes, I’ve ventured into the world of jail breaking, and iPhones are very easy to crack/hack/modify/etc <~haha looks like a linux file)

      Anyway, my 2 cents…

  3. I read as some apps will root your phone if you install some software?

    But seems like common sense, only install something you trust and from a trusted source?

    But I don’t use Android or Apple – so can’t really comment.

    • Hi, I’m an Android user. Yes an application can provide you with superuser(If you aren’t familiar with Linux, it’s like administrator rights to the person), and manage settings of the root access for apps. But the phone needs to be rooted, which can be done by many third party applications.

      Furthermore yes, it is better to install applications from only trusted source, but not all applications that are widely available and famous may be from a trusted source.

  4. So, by not rooting our phones we are more “secure” from these malicious activities? Or are these vulnerabilities still present in the stock OS?

    • Seems like some malicious programs can gain root access on your phone even if you are running the stock OS, but that just comes from previous knowledge, take that with a grain of salt.

      • For malicious programs to mess with your phone or even run without a user noticing, it doesn’t need root, or the user to be rooted… there are systemless exploits out there that can run behind the system.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel