- Click to share on Facebook (Opens in a new window)
- Click to share on Twitter (Opens in a new window)
- Click here to share on LinkedIn (Opens in a new window)
- Click to email a friend (Opens in a new window)
(CNN Business) - Researchers have discovered an alarming security flaw that could allow some Android applications to spy on users without their knowledge.
Discovered by the security company Checkmarx, the error could allow an aggressor to take control of the phone's camera and take photos or record videos through an application without the user's permission.
Samsung and Google phones seem to be at greater risk for this failure, which could affect "hundreds of millions" of users, the researchers said. But Checkmarx explained that he informed other phone manufacturers, because they could also be vulnerable.
- LOOK: These are the creepiest tech gifts for Christmas of 2019, according to Mozilla
Investigators discovered that attackers could gain access to stored videos or photos and operate the camera even when the application is closed. They also found that the phone's proximity sensor could be used to alert the attacker when the phone was kept close to the user's face.
Checkmarx first alerted Google and Samsung about the failure during the summer. Both companies confirmed the error. Thanks to this, Google released an update in July.
"We appreciate that Checkmarx has informed us and works with Google and Android partners to coordinate the disclosure," a Google spokesman said in a statement. "The problem was resolved on affected Google devices through an update on the Google Store app's Play Store in July 2019."
- READ: Without Google or Facebook: Huawei's challenge to sell its new leading phone outside of China
Samsung told CNN Business that the company has released updates since the problem was discovered.
"We recommend that all users keep their devices updated with the latest software to ensure the highest level of protection possible," said a Samsung spokesman.
Android Security Failure Hackers