Security is a major concern amongst Android users, and this week a major security vulnerability was found on Samsung devices which allowed handsets to be remotely wiped from the Dialer application. While Samsung says the issue has been fixed with a software update, it remains unclear whether or not other phones have been affected. Regardless, the mobile security experts at Lookout have rolled out an update to their official Android application, providing much-needed protection against malicious and hazardous phone numbers.
This makes Lookout Security & Antivirus the first application to successfully block the exploit. The protection works by scanning telephone links before they open. When selecting a telephone number, the service will proceed to warn you if the number is fake or malicious. It does require user input, however, as Lookout will ask if you’d like to scan the tel: link in question. As usual though, when making a selection you can set it as the default within the pop-up box. So, if you haven’t already updated to the latest version of Lookout, you can head to the Play Store link below. For those of you not currently using a security suite for your phone, now is probably a good time to start.
Lookout Releases Protection for Samsung and other Android Phones against Dialer Related Attacks
This week, a new vulnerability was discovered that affects Android phones. Security researchers on Monday demonstrated that the Android dialer could be exploited to remotely run commands that wipe the phone without users’ permission or knowledge. To help minimize the risk facing users, Lookout today released an update to its Lookout Mobile Security app on Google Play, which protects users from these dialer-related threats.
A dialer-related attack can be triggered in two ways:
- By clicking a malicious phone number link (also known as a tel: link) on a web page while browsing from a phone (i.e. when you’re surfing the web from your mobile device and you click the phone number on the website to make a call).
- By opening a webpage on your phone that embeds a malicious tel: link as a resource (such as an iframe). (This can happen automatically, once the webpage loads, without clicking any links.)
The industry is working fast to patch this vulnerability. Google patched it for the stock Android dialer nearly three months ago (but it’s unknown how broadly that patch has been merged into OEM Android firmwares), and phone manufacturers and carriers have already issued patches for a number of popular device types.
While we’re not aware of malicious examples of a dialer-based attack in the wild, it remains a concerning vulnerability: the worst known exploit results in total data loss, and there are likely a number of additional device-specific codes that are not being broadly discussed. The vulnerability may still affect many Android handsets. To check and see if your phone is affected, visit this exploit test page from your mobile phone.
How Lookout Keeps You Safe
All up-to-date Lookout users are protected against dialer-related attacks; however, users must select Lookout as the default dialer for tel: links in order to be protected. Just follow these steps:
- When you click-to-call from a web page on your mobile device, you will see the option to use the Android phone dialer or “Scan with Lookout before dialing”. To ensure the number is safe, select “Scan with Lookout before Dialing”.
- Lookout will then scan the number and alert you if the number you are about to dial is about to complete an action you might not have intended, like wiping your data or your photos, or returning your phone to its factory settings. If no threat is detected, your phone will then continue dialing the number selected.
- Make sure you select “Scan with Lookout before Dialing” as your default setting to ensure the best protection when making web-based click-to-calls.
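The two trigger paths listed above (a clicked tel: link and a tel: link embedded as an auto-loading resource) and the scan-before-dialing idea can be illustrated with a small page checker. This is an added example, not Lookout's code: its rule (any tel: target that contains `*` or `#` after decoding is a dialer code rather than a phone number) and the names `classify_tel`, `TelLinkScanner` and `scan_page` are assumptions, and the sample page is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# Tag -> attribute that the browser fetches on page load, without a click.
AUTO_LOAD = {"iframe": "src", "frame": "src", "img": "src", "embed": "src", "object": "data"}
SEPARATORS = str.maketrans("", "", " -.()")  # visual separators allowed in numbers

# Constructed sample page; *#06# only displays the IMEI on most handsets.
SAMPLE_PAGE = """
<a href="tel:+1-555-555-0123">Call us</a>
<a href="tel:*%2306%23">Call support</a>
<iframe src="tel:*%2306%23"></iframe>
<a href="https://example.com/">Home</a>
"""


def classify_tel(uri):
    """Return 'not-tel', 'number', 'code' or 'malformed' for one URI."""
    scheme, _, rest = uri.strip().partition(":")
    if scheme.lower() != "tel":
        return "not-tel"
    # Drop RFC 3966 parameters (;ext=...), then decode %23 -> '#', %2A -> '*'.
    dialed = unquote(rest.split(";", 1)[0]).translate(SEPARATORS)
    # '*' or '#' means the dialer may run the string as a command, not place a call.
    if "*" in dialed or "#" in dialed:
        return "code"
    digits = dialed[1:] if dialed.startswith("+") else dialed
    return "number" if digits.isascii() and digits.isdigit() else "malformed"


class TelLinkScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (tag, trigger, uri, verdict)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and name in ("href", "src", "data"):
                verdict = classify_tel(value)
                if verdict != "not-tel":
                    trigger = "on-load" if AUTO_LOAD.get(tag) == name else "on-click"
                    self.findings.append((tag, trigger, value, verdict))


def scan_page(html):
    scanner = TelLinkScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings
```

Calling `scan_page(SAMPLE_PAGE)` returns one tuple per tel: link; a finding with trigger `on-load` and verdict `code` corresponds to the case that needs no click at all.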