Researchers from the internet security company Kryptowire found bugs in firmware in 10 different smartphones.
This weakness in security can cause various problems, ranging from attackers controlling the smartphone microphone until the attacker locks the device.
Although indeed, most of these attacks can only be done if the user also downloads the application with malware. The study, funded by the Department of Homeland Security, was presented at the Black Hat USA security conference.
According to Kryptowire, weaknesses in the Android security system are caused by the fact that the mobile operating system is open-source, allowing third parties to modify the code and create an entirely different Android version.
The source system also creates security holes in the device security system. Researchers consider security problems like this to be found on Android.
“Many suppliers want to be able to add their own applications by customizing. This increases the likelihood of attacks and increases the likelihood of errors in software,” said Angelos Stavrou, CEO of Kryptowire Angelos Stavrou.
Some smartphone manufacturers such as Essential, LG, and ZTE, said that they had resolved all the problems found by Kryptowire after they were notified of these weaknesses.
However, it is still unknown whether they have issued an update to patch the existing security holes.