A Chinese researcher has discovered an exploit that allows hackers to break into Appliances with Android through the Chrome browser.
Μιλώντας στο συνέδριο PacSec που πραγματοποιήθηκε στο Τόκιο, αυτό το μήνα, ο ερευνητής ασφαλείας Guang Gong της Qihoo 360 παρουσίασε το zero-day, καταφέρνοντας να αναλάβει πλήρως τον έλεγχο μιας ενημερωμένης devicewith Android.
The Chinese researcher used a V8 JavaScript error through the Chrome browser to gain control over a device Google Project Fi Nexus 6 which was running the latest version of the OS i.e. Android 6.0 Marshmallow.
He then used a Java flaw to install an arbitrary application that helped him gain remote control over the device.
The attack was called "one-shot exploit" since it can do virtually anything with one move. The hack is very serious, as millions of Android devices are at risk, as they all use JavaScript.