Security researchers at Ben Gurion University in Israel have disclosed the discovery of a vulnerability in Android devices that would allow an attacker to bypass VPN configurations to intercept what are intended to be secure communications.
“This vulnerability enables malicious apps to bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address,” the researchers stated.
“These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure.”
The team put together the following video to demonstrate the vulnerability in action in which they employ a packet capturing tool to harvest the VPN communications in plain text:
“This vulnerability is similar to the previous vulnerability we’ve disclosed to Samsung (two weeks ago) by the fact that both of them work in a similar manner while the difference among them is the exploit target. See more info on the previous story WSJ. A detailed report on the original disclosure process will be provided soon via this blog,” the researchers stated in an update.
The researchers notified Google’s Android security team and provided details of the vulnerability and exploit, and will be posting further updates as they become available.
Read More Here…