Google Pixel Phones Have Major Security Loophole

X

While Google unveiled an impressive range of new-generation Pixel 9 phones this week including a standard model — the Pixel 9 — and three Pro models: the Pixel 9 Pro, Pixel 9 Pro XL, and Pixel 9 Pro Fold, new reports have emerged indicating a security vulnerability in most Pixel phones sold since September 2017.

These devices feature software that can be used to covertly surveil or remotely control users’ phones, according to a new report by cybersecurity company iVerify.

The vulnerability was discovered after iVerify’s endpoint detection and response (EDR) scanner flagged an insecure Android device at Palantir Technologies, an iVerify client, reported The Verge.

After launching a joint investigation, iVerify, Palantir, and Trail of Bits discovered a hidden Android software package — Showcase.apk — across Google Pixel devices.

Showcase.apk, a third-party application was developed by a company called Smith Micro Software, according to iVerify’s report. It was apparently installed by Verizon on Pixel phones in the US.

cyber crime scaled 1 Google Pixel Phones Have Major Security Loophole

Installing it makes them useful to show off the phone as a demo device at Verizon stores, but the same program also contains deep system privileges giving potential hackers “backdoor” access to the device.

The app was inactive by default but had to be manually enabled, the iVerify report noted. “When enabled, Showcase.apk makes the operating system accessible to hackers and ripe for man-in-the-middle attacks, code injection, and spyware,” the report reads. “The impact of this vulnerability is significant and could result in data loss breaches totaling billions of dollars.”

In response to the discovery, data-mining firm Palantir which sells surveillance products to governments and private companies, banned Android phones across the company.

“This was very deleterious of trust, to have third-party, unvetted insecure software on it,” Dane Stuckey, Palantir’s chief information security officer, told The Washington Post. “We have no idea how it got there, so we made the decision to effectively ban Androids internally.”

iVerify reportedly notified Google about the report in early May. Google had not publicly disclosed the vulnerability even though it was notified in May, nor did it release a software update to remove the problem.

Google has now stated that the software is no longer in use. Google spokesperson Ed Fernandez said the software was made “for Verizon in-store demo devices and is no longer being used,” adding that Google has “seen no evidence of any active exploitation.”

Wired has reported that Android would now remove the app from all Pixel devices “in the coming weeks.”

Whatmough 728x90 Google Pixel Phones Have Major Security Loophole
728x90 Google Pixel Phones Have Major Security Loophole
Litheaudio 728x90 Google Pixel Phones Have Major Security Loophole
728x90 Google Pixel Phones Have Major Security Loophole
05 Channel New Banner T30S COMBO 728x90 Google Pixel Phones Have Major Security Loophole
BlueAnt 4SQM X5iPartySpeaker 728x90px Google Pixel Phones Have Major Security Loophole
240215 SAV R Volution CNewsFeb Leaderboard 1 Google Pixel Phones Have Major Security Loophole
728x90 Google Pixel Phones Have Major Security Loophole
4SquareMedia 728x90 scaled Google Pixel Phones Have Major Security Loophole
BEL2385 4SQ Dock Banners 4SQ 728x90 Google Pixel Phones Have Major Security Loophole
Haier 728x90 1 Google Pixel Phones Have Major Security Loophole
QUEEN 728x90 Google Pixel Phones Have Major Security Loophole
Flick of a switch 728x90 1 Google Pixel Phones Have Major Security Loophole
PAN0029 Digital Banners Curry Leaderboard 728x90 02 Google Pixel Phones Have Major Security Loophole
728x90 Iconic Google Pixel Phones Have Major Security Loophole
Martin Logan 728 x 90 Google Pixel Phones Have Major Security Loophole
728X90 Google Pixel Phones Have Major Security Loophole
Leaderboard 728x90 1 Google Pixel Phones Have Major Security Loophole
Middleton 728x90px Product Google Pixel Phones Have Major Security Loophole
ARLO MG3 2024 Banner 728x90px Google Pixel Phones Have Major Security Loophole
iP16 4SQRmedia 970 x 90 px 03 Google Pixel Phones Have Major Security Loophole
hitachi banner 728x90 Google Pixel Phones Have Major Security Loophole

YOU MAY ALSO LIKE