A new vulnerability found within Android’s Media Projection service has threatened the security of mobile cryptocurrency wallets on the platform.
Android may be the world’s forefront operating system – having overtaken Microsoft Windows earlier this year – yet that by no means equates the platform to being the most secure system around. Now, a newly discovered vulnerability tied to Android’s Media Projection service threatens the use of mobile cryptocurrency wallets.
Android’s Media Projection service handles recording screen and audio content on the platform. As of Android 5.0 Lollipop, the service has been able to capture media from third-party as well as system applications.
Now, a newly discovered vulnerability within the service has given hackers an easy port of call to recover sensitive information from a target’s Android device – meaning that all users with devices running Android 5.0 Lollipop and above have been affected.
While Android users traditionally see a pop-up indicating that their device is recording on-screen content, hackers are able to suppress this alert through a technique called ‘tapjacking’ – essentially giving themselves silent oversight of any Android device’s content.
At the time of writing, Google has offered a security patch for Android 8.0 Oreo, but has not yet addressed the error on prior versions of the operating system.
The news could be potentially crippling for users of mobile cryptocurrency wallets, which traditionally guard one’s funds from malicious access – cryptocurrencies such as Bitcoin have, in the past, proven an attractive swindle considering the difficulty associated with performing a refund.
Android users leveraging a mobile wallet on their device should enable two-factor authentification – preferably with a different device – to prevent unauthorized access to their accounts.
What are your thoughts? Are you affected? Be sure to let us know your opinion in the comments below!