The makers of the BlackPhone – a mobile phone on the market that offers unusually high levels of security – have patched a critical vulnerability that allows hackers to carry out malicious code on mobile phones.
Attackers only need one phone number to send a message that can compromise them Appliances through the Silent Text app.
The defect may have bad effects on BlackPhone as the device advertises for its security, and comes with a value that does not warrant errors.
Ο hacker Mark Dowd (mdowd) from Australia, co-founder of Azimuth Security, discovered the defect during a random survey in the last months of 2014. He shared his findings with the Register website before releasing bug fix - It will be released today.
“Successful exploitation can allow remote code execution with the privileges of the Silent Text app, which works like a regular Android app, but with some additional system privileges required to send and receive SMS. So the app has access to the contacts, to information locations, it can write to disk, and of course it has access to the network,” Dowd said, noting that it took him about a week to discover the bug.
The defect could also be combined with other exploits to fully control the device.