Home Tags Nexus 6P

Tag: Nexus 6P

Another Android flagship, the Nexus 6P, ends up in a class-action...

"When the bootlooping occurs, the phone is essentially a very expensive paperweight."

Android 7.1.2 leaves beta, arrives on Pixel and Nexus devices

The Pixel C gets the Pixel skin and a new recent apps screen; everyone else gets bug fixes.

Google launches Android 7.1.2 beta for Pixel and Nexus devices

New bugfixes for Google devices foreshadow the end for the Nexus 6 and 9.

Mobile Pwn2Own Hackers Win for Android, iPhone Exploits

At the 2016 mobile Pwn2Own event, held on Oct. 26 in Tokyo, security researchers were able to exploit devices that vendors had fully patched.
In total, Trend Micro's Zero Day Initiative (ZDI) awarded $215,000 to researchers for security flaws in an And...

This is not a drill: Hackers pop stock Nexus 6P in...

Keen hackers at Mobile Pwn2Own The Nexus 6P appears to have been hacked with attackers at the Mobile Pwn2Own contest installing malware without user interaction in less than five minutes. The hack by China's Keen Team happened minutes ago at the Tokyo event and does not require users to do anything. It is as of the time of writing yet to be confirmed but contest organisers tell El Reg they are confident of its legitimacy. Mobile Pwn2Own at the PacSec security conference in Japan pits hackers against the latest phones for a share of US$375,000 (£308,000, A$487,000) handed out by Trend Micro's Zero Day Initiative. The Nexus 6P, Apple iPhone 6S, and Samsung Galaxy S7 will be targeted by hackers who have over previous months developed tailored and often highly-sophisticated chained exploits against the device. Hackers of noted exploit crew Keen Team stand to win US$100,000 (£82,000, A$130,000) in prizes should the 6P hack be confirmed. MWR Labs hackers Robert Miller and Georgi Geshev will within hours also target the Nexus 6P in a bid to install a malicious application, and will score the US$100,000 prize even if Keen's exploit is confirmed. Keen will also target the iPhone 6S attempting to install another rogue application on the stock and updated device for a prize of US$125,000 (£103,000, A$162,000) The team will then return in a bid to rip photos from a locked iPhone 6S.
If successful the crew will bag US$50,000 (£41,000, A$65,000). Each team under the contest rules has five minutes, over three attempts for a total of 20 minutes to pop devices. Keen hacked the Nexus 6P on its first attempt and used the remaining slots to add flair and style to the exploits in a bid to claim the Master of Pwn award worth US$25,000 (£21,000, A$32,000). Hacks can require users to browse to malicious content within the default browser or by viewing or receiving a malicious MMS/SMS messages. More to come. ®

Happy VXers get 400 enterprise-popping apps hosted on Google Play

Up to half a million downloads clocked for one poision app. More than 400 malicious apps from a single attacker have been successfully uploaded to the Google Play store, with one downloaded up to half a million times, Trend Micro malware researcher Echo Duan says. The malware is disguised as various games, phone boosters, and themes that when executed can compromise devices and connected networks, download additional payloads, and enslave handsets into botnets. Such malware is usually barred from the Google Play store thanks to security analysis checks Mountain View runs to determine apps that steal user data, spam with advertisements, or adversely impact privacy. The prolific authors who have created some 3000 variants of the DressCode malware have had a significant win in breaching Google's defences since apps hosted on the Play store are considered and marketed as safe. Duan says the malware attempts to gain a foothold on any networks the compromised handsets are connected to making it a threat to to enterprises and small businesses. This malware gives attackers an avenue into internal networks which compromised devices are connected to—a notable risk if the device is used to connect to company networks. "If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard," Duan says. "With the growth of bring your own device programs, more enterprises are exposing themselves to risk via care-free employee mobile usage. "[The installed SOCKS proxy] can be used to turn devices into bots and build a botnet." DressCode and you.
Image: Trend Micro. Duan says the malicious code was a small fraction of the total app codebase making it "difficult" for Google to detect. One app offering a Grand Theft Auto theme for Minecraft clocked between 100,000 and 500,000 downloads according to Google Play's metric bands. Compromising modern Android handsets is increasingly difficult for regular malware players thanks to big leaps in defensive upgrades, but most phone users run old, unsupported, and dangerously exposed versions of the mobile operating system. Some 35 percent of Android users operate version five (Lollipop) of Google's platform released in 2014, while about 25 percent run ancient version 4.4 (Kitkat) published in 2013. Fewer than 10 percent run Android version six (Marshmallow) released last year and virtually no one other than owners of Nexus 6P devices sports version seven (Nougat) published last month. Outside of the Nexus line, handsets everywhere are locked into custom vendor ROMs and as such must reply on manufacturers to push through Google's security updates and patches. Trend Micro says it flagged some 16.6 million malware detections as of August, 40 per cent up on January figures. ®

Can You Hack Nexus 6P, 5X? Google Might Have $200K for...

The Project Zero Prize contest encourages people to find vulnerabilities in the Nexus 6P and 5X handsets. Google is giving away upwards of $200,000 to find exploits in its Nexus 6P and Nexus 5X handsets. The Project Zero Prize contest encourages hack...

Google offers $200K for top prize in new Android hack challenge

Google yesterday announced a six-month bug contest that will pay up to $200,000 for an Android "bug chain," one or more successful exploits of previously unknown vulnerabilities. Dubbed "Project Zero Prize," it differed from hacking contests that take ...

Pwn2Own Contestants Could Win $250K by Hacking iPhone

A new iteration of the P2wn2Own mobile hacking contest takes aim at iOS and Android. The mobile Pwn2Own hacking contest is back for 2016, this time offering top prize of $250,000 to any security researcher who forces an Apple iPhone to unlock.The Pwn2Own contest has undergone a bit of a transition as Hewlett Packard Enterprise sold the Zero Day Initiative (ZDI) group that sponsors the event to Trend Micro earlier this year.

The browser edition of the Pwn2Own event was held in March and was jointly sponsored by HPE and Trend Micro.

The mobile Pwn2Own 2016 contest being held next month will be the first time a Pwn2Own event doesn't benefit from HPE sponsorship."To us, it's still Pwn2Own," Brian Gorenc, senior manager of vulnerability research at Trend Micro, told eWEEK. "We always hope each contest brings us something new we haven't seen before, but if you've seen the contest, it should look very familiar."During the 2016 Pwn2Own browser event, which was held at the CanSecWest conference in Vancouver, ZDI awarded a total of $460,000 in prize money to researchers for publicly demonstrating new zero-day exploits in web browsers. The mobile Pwn2Own event will be held Oct. 26-27 at the PacSec Security Conference in Tokyo, and the total available prize pool is set to top $500,000.

For the 2016 mobile event, ZDI is asking researchers to target three specific mobile devices: the Apple iPhone 6x, the Google Nexus 6p and the Samsung Galaxy Note7. Across all of the targeted devices, ZDI is tasking researchers with a number of challenges.

The first is to obtain sensitive information from a device. ZDI is awarding $50,000 to those who exploit a device to get access to sensitive information on the iPhone or the Google Nexus.

A researcher who is able to get sensitive information off a Galaxy will be awarded $35,000.Another challenge at mobile Pwn2Own 2016 is to install a rogue application on a targeted device.

A $125,000 prize will be awarded for the installation of a rogue app on the iPhone; on the Google Nexus, the reward is $100,000; and on the Samsung Galaxy, $60,000."Each phone will be running the latest operating system available at the time of the contest, and all available patches will also be applied," Gorenc said. "This can lead to some late nights as ZDI researchers update phones in the days leading up to the contest, but we feel it's best to have the latest and greatest targeted."Gorenc said all of the targeted devices will be in their default configuration. On iOS, that means Pwn2Own contestants must target Safari, as this is the default browser and most common, realistic scenario for users of that device.
In the past, Pwn2Own contestants have demonstrated many WebKit browser rendering engine related vulnerabilities. WebKit is the core rendering engine behind Safari and has many components that are also used in Google's Chrome."The threat landscape shifts so much from contest to contest that it's hard to predict what component will be targeted," he said. "WebKit will likely make an appearance, but we're hoping to see some new techniques and research as well."For the installation of the rogue application, Gorenc said that ZDI has no requirements for the app. "We will leave it up to the contestant to express their creativity during the public demonstration," he said.iPhone UnlockThe biggest single prize at the mobile Pwn2Own 2016 event goes to the researcher who is able to successfully force an iPhone to unlock.

The challenge of unlocking an iPhone has been a hot topic in recent months.

The FBI reportedly paid as much as $1.3 million to bypass the iPhone lock screen.

And Apple started its own bug bounty program, with a $200,000 prize, while security firm Exodus Intelligence will pay a top prize of $500,000 for an iOS zero-day flaw.Gorenc believes offering $250,000 for an iPhone unlock exploit is a good size prize."We feel this amount is not a bad payday for what will clearly be a significant amount of research needed to accomplish this hack," he said. "Along with the money, the researcher will get the recognition that comes with winning Pwn2Own."In the end, Gorenc said, it's the marketplace that will let ZDI know if $250,000 is a fair price; he's optimistic that someone will actually attempt to publicly force an iPhone to unlock."Finally, by reporting this through ZDI, the bugs will actually get fixed by the vendor," Gorenc said. "That's better than some of the alternatives."Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.

Qualcomm Chipset Vulnerabilities Expose 900M Android Devices

The four chipset bugs could be exploited by attackers to gain control of a smartphone or tablet and access sensitive data, according to Check Point. A set of security vulnerabilities in Qualcomm chipsets has put 900 million Android smartphones and tablets at risk of being taken over by hackers, according to researchers at security technology vendor Check Point Software Technologies.At the DefCon 24 show in Las Vegas Aug. 7 and in a post on the company blog, Adam Donenfeld, a security researcher with Check Point outlined the four vulnerabilities that he has pulled together under the name QuadRooter.

The security flaws in the Qualcomm chipsets open up the Android devices to being taken over by hackers who can gain control and unrestricted access to personal and corporate information on them, Donenfeld wrote in the blog post.Check Point reported the vulnerabilities to Qualcomm between February and April, and the vendor has released fixes for all four. However, Qualcomm's position at the world's largest mobile chip maker has put a wide range of devices at risk, and the fragmented nature of the Android market presents challenges to ensuring that all the smartphones and tablets can be protected in a timely fashion."QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets," Donenfeld wrote. "Qualcomm is the world's leading designer of LTE chipsets with a 65% share of the LTE modem baseband market.
If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device. … If exploited, QuadRooter vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data on them.

Access could also provide an attacker with capabilities such as keylogging, GPS tracking, and recording video and audio." In a statement to journalists, Qualcomm officials said the company had "made patches available for all four vulnerabilities to customers, partners, and the open source community between April and July." According to Check Point officials, the vulnerabilities are in the software drivers in the chipsets, which makes any Android device using the chipsets exposed.

The drivers control communications between components on the chipset, Donenfeld wrote.

A problem is that because these vulnerable chipsets are built into the smartphones and tablets before they ship, they can only be fixed by installing a software patch from the device maker or carrier.

Those companies get the patches through fixed driver packs from Qualcomm."This situation highlights the inherent risks in the Android security model," Donenfeld wrote. "Critical security updates must pass through the entire supply chain before they can be made available to end users. Once available, the end users must then be sure to install these updates to protect their devices and data."At the same time, older devices that no longer are supported may not get the update.According to Check Point, an attacker can exploit the vulnerabilities by using a malicious app that don't need any special permissions, which may reduce the suspicion of any users considering downloading it.Check Point has released a free scanner app in the Android Play store that end users can use to see if their devices are at risk to from the QuadRooter vulnerabilities.

Among the devices that use these chipsets from Qualcomm includes Google's Nexus 5X, Nexux 6 and Nexus 6P, HTC's One, M9 and 10, the G4, G5 and V10 from LG Electronics, Samsung's Galaxy S7 and S7 Edge and Sony's Xperia Z Ultra, according to Check Point.Check Point is urging users to download and install the latest Android updates as soon as they become available and to carefully examine any app installation request before accepting it to ensure it's legitimate.
In addition, users should only download apps on Google Play and avoid apps found on third-party sites, and they should only use trusted WiFi networks or—when traveling—only use those that can be verified as coming from a trustworthy source.

'Quadrooter' Bug Puts Android Devices At Risk

Qualcomm and Google claim to have patched all but one of the four vulnerabilities. Android owners, beware: Security flaws found in Qualcomm processors serving Google's mobile operating system could put your devices at risk. Researchers at security firm Check Point researchers recently discovered the vulnerabilities, which may affect as many as 900 million devices. During last week's Def Con security conference in Las Vegas, Check Point's Adam Donenfeld revealed four new privilege escalation exploits—together dubbed "Quadrooter"—which can be used to remotely gain root access to Android handsets. An attacker simply needs to trick a user into installing a malicious app, and the cyberthief gains unfettered access to saved data. The attacker can also change or remove system-level files; delete or add apps; and access the device's screen, camera, or microphone, the security firm said. Since the vulnerable drivers are pre-installed, they can only be fixed via a patch from distributors or carriers. Those companies, meanwhile, can only push the repair after receiving new driver packs from Qualcomm. Qualcomm claims to have already fixed all four flaws, and Google said it patched three in an August update; the final debugging will come with the company's next security update, Android Headlines said. Neither Qualcomm nor Google immediately responded to PCMag's request for comment. Concerned Android owners can download Check Point's free QuadRooter Scanner app, which, as its name suggests, scans your phone to see if the necessary patches have been downloaded and installed. Even the most secure devices are at risk, according to Check Point, which provided the following list of affected smartphones: BlackBerry Priv Blackphone, Blackphone 2 Google Nexus 5X, Nexus 6, Nexus 6P HTC One, HTC M9, HTC 10 LG G4, LG G5, LG V10 New Moto X by Motorola OnePlus One, OnePlus 2, OnePlus 3 Samsung Galaxy S7, Galaxy S7 Edge Sony Xperia Z Ultra Qualcomm just last month unveiled its latest mobile processor, the Snapdragon 821, boasting 10 percent better performance than the 820; the latter just recently began showing up in gadgets like the Galaxy S7 and HTC 10.

Major Qualcomm chip security flaws expose 900M Android users

John Palmerreader comments 30 Share this story Four major security holes in the Qualcomm chips which power modern Android devices have left as many as 900 million users vulnerable to a range of attacks. According to Israel-based security firm Checkpoint, the flaws—dubbed "Quadrooter"—found in the firmware which governs the chips, could allow potential attackers to "trigger privilege escalations for the purpose of gaining root access to a device" using malware which wouldn't require special permissions, allowing it to pass under suspicious users' radars. Qualcomm makes chips for the majority of the world's phones, holding a 65 percent share of the market. Most of the major recent Android devices are expected to be affected by the flaw, including: BlackBerry Priv Blackphone 1 and Blackphone 2 Google Nexus 5X, Nexus 6, and Nexus 6P HTC One, HTC M9, and HTC 10 LG G4, LG G5, and LG V10 New Moto X by Motorola OnePlus One, OnePlus 2, and OnePlus 3 Samsung Galaxy S7 and Samsung S7 Edge Sony Xperia Z Ultra Three of the four holes have already been patched, with a solution for the fourth on the way. However, most users are at the mercy of their handset manufacturers if they want these patches applied. Owners of Google's Nexus devices have already had patches pushed to their phones, but other manufacturers have historically been less interested in patching flaws found in their devices after release. According to Checkpoint—which revealed its findings over the weekend at the Defcon security conference in Las Vegas—the "vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data on them." Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm. This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end users. Once available, the end users must then be sure to install these updates to protect their devices and data. Ars sought comment from Qualcomm, but it was yet to respond with an official statement at time of publication. This post originated on Ars Technica UK