An Android security expert scheduled to speak at the Black Hat annual hacking conference in Las Vegas has announced his discovery of several major security flaws in Android and some of its popular apps – but won’t release the names of the apps concerned for fear of causing “mayhem”.
Privateer Labs founder Riley Hassell said that the security weaknesses could be exploited by hackers to take control of Android devices remotely. “Some apps expose themselves to outside contact” Hassell told Reuters. “If these apps are vulnerable, then an attacker can remotely compromise that app and potentially the phone using something as simple as a text message.”
Hassell claims the bugs affect half a dozen of Android’s most popular apps. However, while Hassell has been in contact with Google about the bugs, the company denied that there was a problem, saying that its security experts had found that the “identified bugs are not present in Android.”
Hassell’s reasoning for not releasing the list of affected apps was that doing so would make users more vulnerable to attacks in the time it would take to patch the bugs. “When you release a threat and there’s no patch ready, then there is mayhem” he said. More details on the apps affected – and their patches – when we hear them.