Despite being primarily concerned about hackers compromising our devices through malware and malicious apps, a newly discovered bug could allow an attacker with physical access to one of the best Android phones to see photos, contacts, browsing history stored on the device, other personal data, could potentially be able to view
As reported by Security Affairs, a security researcher named Jose Rodriguez discovered a new lock screen bypass vulnerability affecting smartphones running Android 13 or Android 14
Rodriguez discovered that it was possible to do so by exploiting the vulnerability after asking on social media whether it was possible to open a Google Maps link from his smartphone's lock screen
To make matters worse, Rodriguez claims to have reported the issue to Google in May of this year, but six months later, it still has not been patched Hopefully the search giant will address this bug soon, but until then, here's everything you need to know about this lock screen circumvention bug and what you can do right now to minimize its impact
The way an attacker could exploit this vulnerability to access data stored on your smartphone depends on how you have Google Maps configured
If drive mode is not enabled, attackers can access not only your contacts, but also your most recently visited and favorite places (such as home and work) From here, they can also share your phone's location in real time with any contact or via email, which must be entered manually
However, if Drive Mode is enabled, an attacker can chain this exploit with another exploit to access photos stored on your device and publish them or add them to your Google account as a profile picture or even add them as profile pictures to your Google account At the same time, attackers can also access extensive information about your account and how it is set up Rodriguez is currently investigating this part of the attack
Uninstalling Google Maps from your phone would prevent attackers from taking advantage of this lock screen bypass bug, but since it is a system app, it cannot be uninstalled
In an email to Tom's Guide, a Google spokesperson clarified, "We are aware of this reported issue and are working on a fix However, we do not yet have a timeline for when it can be rolled out to affect Android smartphone users
Given what we know so far about this lock screen circumvention bug, those who are truly concerned about attackers gaining access to their Android smartphones should consider disabling Google Maps' driving mode for the time being While there is no proprietary guide to this process, this support document from Google describes exactly what is needed to enable or disable driving mode
It is worth noting, however, that an attacker would need to have physical access to your smartphone in order to exploit this bug Therefore, until a patch is released to fix this issue, it would be safe to keep your smartphone out of sight In other words, you should not leave your smartphone on the table when eating out Similarly, when using a cell phone in public, you want to be aware of your surroundings, as someone could snatch the phone out of your hands
As for cyber attacks and other ways hackers can break into your phone online, the best Android antivirus apps can help keep you safe from malware, malicious apps, and other threats But if you're on a tight budget, you want to make sure Google Play Protect is enabled on your device, as it can also scan all of your existing apps and any new ones you download for malware stuff
This lock screen bypass bug is quite serious and applies to the latest versions of Android, so Google is already working on a fix, which could be rolled out soon
Comments