At least 25 Android smartphone models – 11 of which are sold by major US carriers – carry vulnerabilities out of the box, making them simple bypass for hackers, according to a new study by security researchers.
Researchers from Kryptowire found 38 vulnerabilities in 25 Android phones, according to Wired. They range from being able to lock someone out of the device to get unauthorized and secret access to the smartphone's microphone.
Ryan Johnson, Kryptowire's Research Director, and Angelos Stavrou, the company's CEO, revealed their findings on Friday at the Black Hat Security Conference in Las Vegas, according to Wired. Kryptowire's research was partially funded by the Department of Homeland Security.
Start the day with the news you need from the Bay Area and beyond.
Sign up for our Morning Report everyday newsletter.
When hackers exploit the predefined vulnerabilities on Android phones, trace all features and turn the phone into a monitoring tool to collect information about the owner, according to CNET, who also reported the study. Hackers can record screenshots, take screenshots, make a reset on a device, and potentially log off what the owner writes, reads, and contacts.
Vulnerabilities occurred largely after manufacturers tinkered with the open Android operating system to their liking and did not consider safety issues as a by-product, according to Wired.
"All of these are vulnerabilities that are prepositioned," said Stavrou, according to CNET. "It's important because consumers think they're only exposed if they download something bad."
Kryptowire notified smart phone companies of vulnerabilities before Friday's presentation, and the companies have a varied range of actions since. Necessarily said that they patched vulnerabilities shortly after they were informed, and LG, ZTE and Asus have patched some of the errors and continue to solve the problems, according to CNET.