HTC’s latest Android smartphones are susceptible to attacks that reveal Wi-Fi credentials and passwords to attackers. This is the second security flaw found in HTC’s custom Android ROM in recent months.
The software vulnerability exposes wireless 802.1X passwords and other network credentials. The exposed information isn’t limited to the active Wi-Fi connection; it also covers networks the phone previously connected to and trusted. According to Bret Jordan’s blog, My War with Entropy, the information is then sent to attackers.
Attackers can obtain wireless network information by deploying rogue apps, which commonly seek Wi-Fi permissions.
“When this is paired with the Internet access permissions, which most applications have, an application could easily send all stored Wi-Fi network credentials (user names, passwords, and SSID information) to a remote server,” Jordan writes on his blog.
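The permission pairing Jordan describes can be checked for during app review. The following is an added example, not code from Jordan's blog or from HTC or Google: it parses a constructed permission listing in the style of `aapt dump permissions` output and flags apps that request both permissions. It assumes the article's "Wi-Fi permissions" and "Internet access permissions" correspond to `android.permission.ACCESS_WIFI_STATE` and `android.permission.INTERNET`; the package names are hypothetical.

```python
import re

# Assumption: the "Wi-Fi permissions" and "Internet access permissions" in the
# article map to these standard Android permission names.
WIFI = "android.permission.ACCESS_WIFI_STATE"
NET = "android.permission.INTERNET"

# Constructed sample in the style of `aapt dump permissions` output, one app
# after another. Package names are hypothetical.
SAMPLE = """\
package: com.example.flashlight
uses-permission: name='android.permission.ACCESS_WIFI_STATE'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.CAMERA'
package: com.example.notes
uses-permission: android.permission.INTERNET
package: com.example.wifiscan
uses-permission: name='android.permission.ACCESS_WIFI_STATE'
"""

# Accepts both the quoted name='...' form and the bare form.
PERM_RE = re.compile(r"^uses-permission:\s*(?:name=)?'?([\w.]+)'?")

def parse_permissions(text):
    """Return {package: set(permissions)} from concatenated listings."""
    apps, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            current = line.split(":", 1)[1].strip()
            apps[current] = set()
        elif current is not None:
            m = PERM_RE.match(line)
            if m:
                apps[current].add(m.group(1))
    return apps

def triage(apps):
    """Classify each app by the permission pairing the article describes."""
    result = {}
    for pkg, perms in apps.items():
        if WIFI in perms and NET in perms:
            result[pkg] = "review: holds both Wi-Fi state and Internet permissions"
        elif WIFI in perms:
            result[pkg] = "note: Wi-Fi state permission without INTERNET"
        else:
            result[pkg] = "ok"
    return result

if __name__ == "__main__":
    for pkg, verdict in sorted(triage(parse_permissions(SAMPLE)).items()):
        print(f"{pkg}: {verdict}")
```

A "review" verdict only marks an app for closer inspection on an unpatched build; many legitimate apps request both permissions.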
The security flaw affects a variety of HTC builds and was identified by Chris Hessing. The vulnerable phones are:
Desire HD (both “ace” and “spade” board revisions) – Versions FRG83D, GRI40
Glacier – Version FRG83
Droid Incredible – Version FRF91
Thunderbolt 4G – Version FRG83D
Sensation Z710e – Version GRI40
Sensation 4G – Version GRI40
Desire S – Version GRI40
EVO 3D – Version GRI40
EVO 4G – Version GRI40
In response to the weak security, Google has changed the Android code to better conceal such credentials, and HTC has developed several software updates, which are available here.
This is the second security issue identified with HTC’s custom Sense ROM within months.
In the earlier issue, identified in October 2011, HTC’s custom ROM kept logs of email addresses, SMS data, location, phone numbers and system logs, which could then be shared with any application that simply requested access. As with the current glitch, the data could then be sent via the internet to an attacker.