The Android Exploit - The new hacker

The new Android exploit seem to be more smart in hacking Android devices. The attacker using some javaScript v8 exploit, which help he/she to get the full administrative access to one’s device. once the device is hacked, then the hacker could load any app he/ she wants to the device. This could make the situation worse. it can lead to the entry of more malware or exploits.

The attack at the Pwn2Own has been showed off by Guang Gong - the Quihoo 360 researcher at yesterday’s Pacsec conference in Tokyo. Here the attacker does not need to use the help of any other exploits at first. The only thing the person need to do is to use chrome to visit a compromised website with the new exploit loaded. This need to to get control of a smartphone.The exploit of Guang Gong is one shoot it is the impressive thing. So the it doesn’t need to exploit several vulnerabilities to get privileged access. Once the phone accessed the website the javascript v8 the arbitrary application installed. This was happened in the case BMX bike game.Guang Gong didn’t public-ally announced the working of the exploit. He likely would qualify for some cash reward by Google’ bugs bounding program.

Google team is very alert towards such exploits and they pointed out that all their intention was to fix the bugs in sensible time frame. So the efforts of the exploit reporters seem to create a constructive effect.

"In essence, our pledge to you is to respond promptly and fix bugs in a sensible time-frame - and in exchange, we ask for a reasonable advance notice. Reports that go against this principle will usually not qualify, but we will evaluate them on a case-by-case basis," reads Google's description.