A Chinese researcher has discovered a exploit that allows hackers to invade Android devices through the Chrome browser.
Speaking at the PacSec conference held in Tokyo this month, Qihoo 360's Guang Gong security researcher unveiled zero-day, managing to take full control of an updated Android device.
The Chinese researcher used a bug of his JavaScript V8 through the Chrome browser to gain control over a Google device Project Fi Nexus 6 which was running the latest version of the OS ie Android 6.0 marshmallow.
He then used a Java flaw to install an arbitrary application that helped him gain remote control over the device.
Η attack ονομάστηκε “one-shot exploit” αφού ουσιαστικά μπορεί να κάνει τα πάντα με μια κίνηση. Το hack είναι πολύ σοβαρό, καθώς κινδυνεύουν εκατομμύρια συσκευές με Android, αφού όλες χρησιμοποιούν το JavaScript.
