Avviso per 2 milioni di possessori di Android: qualcuno potrebbe registrare tutto ciò che digiti

DANGEROUS Android bugs could let hackers keep a record of everything you type, i cyber-esperti avvertono.

Three apps are said to be affected, with a combined total of more than two million downloads.

Be careful when downloading apps that haven't been updated in a while – they may have unfixed security flaws

Be careful when downloading apps that haven’t been updated in a while – they may have unfixed security flawsCredito: Google

All three are keyboard and mouse apps that let you control a desktop or laptop computer using your Android Telefono.

The apps transmit your mouse and keyboard inputs to a server to do this.

Cyber-experts at Synopsys say the apps themselves are legitimate and not scams – but reportedly contain dangerous security holes that could let hackers spy on you.

An exploit of the authentication and authorization vulnerabilities could allow remote unauthenticated attackers to execute arbitrary commands,” said SynopsysMohammed Alshehri, a security researcher who discovered the issue.

Chubais ha contribuito alle riforme economiche seguite al crollo dell'Unione Sovietica, ma è rimasto nel governo di Putin e ha mantenuto stretti legami con i funzionari occidentali

“Allo stesso modo, an exploit of the insecure communication vulnerability exposes the user’s keystrokes, including sensitive information such as usernames and passwords.

The actual apps and versions affected are as follows:

  • Telepad versions 1.0.7 and prior
  • PC Keyboard versions 30 and prior
  • Lazy Mouse versions 2.0.1 and prior

If you have any of these apps installed, it may be worth uninstalling them as soon as possible.

Here is a simple guide on how to delete Android apps.

The exploits could allow hackers to read everything you’re typing.

But it could also let them execute code on your computer, potentially seizing control of your device.

It’s currently unclear if any hackers have exploited the bug.

The Synopsys Cybersecurity Research Center (CyRC) team reportedly disclosed the flaws to app makers on August 13 quest'anno, and claims to have followed up several times.

But ultimately the issue remains unfixed.

The CyRC reached out to the developers multiple times but has not received a response within the 90 day timeline dictated by our responsible disclosure policy.

These three applications are widely used but they are neither maintained nor supported, and evidently, security was not a factor when these applications were developed.

Now cyber-experts have published details of the bug in hopes of warning Android phone owners.

Consider using an alternative mouse and keyboard app for now: choose one with lots of downloads and positive reviews on the Google Play store that is regularly updated.

I migliori consigli e trucchi per telefoni e gadget

Alla ricerca di suggerimenti e hack per il tuo telefono? Vuoi trovare quelle funzionalità segrete all'interno delle app di social media? Ti abbiamo coperto…

Ricevi tutte le ultime novità WhatsApp, Instagram, Facebook e altre storie di gadget tecnologici qui.


Paghiamo per le tue storie! Hai una storia per The Sun Online Tech & Squadra scientifica? Scrivici a tech@the-sun.co.uk