Thursday, May 2, 2019
Home / Mobile / VPN Encryption Vulnerability On Android Reveals plain-text

VPN Encryption Vulnerability On Android Reveals plain-text

Security analysts at Ben Gurion University in Israel have revealed a vulnerability in Android units that may allow an attacker to circumvent VPN configurations to intercept what are intended as secure communications.

“This vulnerability enables malicious apps  to bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address,” the researchers said.

“These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure.”

The group has created a  video to demonstrate the vulnerability actually in operation in which they use Wireshark, a packet capturing tool intercept  the VPN communications in plain text:

“This vulnerability is similar to the previous vulnerability we’ve disclosed to Samsung (two weeks ago) by the fact that both of them work in a similar manner while the difference among them is the exploit target. See more info on the previous story WSJ. A detailed report on the original disclosure process will be provided soon via this blog,” the researchers added in an post.

The researchers alerted Google’s Android security team and supplied information on the vulnerability and exploit, and will also be posting further updates when they are released.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …