VPN bypass attack possible also on Android KitKat
Posted on 29 January 2014.
Security researchers at Ben Gurion University in Israel are on a roll when it comes to discovering Android security flaws, and they revealed the existence of a critical flaw in the latest mobile OS version.


In late December, they published their findings regarding a vulnerability they initially believed to be in Samsung's Knox architecture but turned out to be an Android 4.3 flaw that allowed attacker to perform a Man-in-the-Middle attack by bypassing VPN configurations to intercept data.

On Monday, they shared that Android 4.4 ("KitKat") is susceptible to the same attack (with some modifications).

"At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation," the researchers noted in a blog post.

"Following an elaborate investigation we were able to reproduce the same vulnerability where a malicious app can bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address. These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure."

Google has, of course, been notified both times, and the researchers understandably didn't go into specific details about their exploit or the vulnerability and won't share that information until the flaw is fixed.

They haven't mentioned if they believe the flaw is being exploited in the wild by malicious attackers, so it's safe to assume they don't know. Of course, this doesn't mean there aren't any.









Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //