Thanks to Android's open platform features, Google has managed to partner hundreds of OEMs (Original Equipment Manufacturers) to build Android phones, which according to latest reports it accounts more than 80 per cent (two billion plus) of the active touch-screen mobiles in the world. However, a small bug in the operating system can make billions of devices vulnerable to hacking and it's exactly what has happened now.
Nightwatch Cybersecurity has discovered a loophole in Android that broadcasts 'intents', one of the ways for inter-process communication. This apparently allows an application or the OS to send a message system-wide which can be listened to by other applications.
This 'intents' contain information such as the Wi-Fi network name, BSSID (Basic Service Set Identifier), local IP addresses, DNS server information and the MAC (Media Access Control) address.
Should you be worried about this Wi-Fi glitch in Android phone?
Yes, this a serious issue. If cybercriminals get access to MAC address, BSSID and the Wi-Fi network, the phone currently connected to, they can track the phone user's location on a map at all time and if they want they can send these to their clients to spam them with local ads and possibly try spying on them.
Though there is a system in place to restrict which app can access this information via app permission, the user most often times forgets to uncheck while installing the app and even sometimes app developers fail to implement this restriction properly or mask the sensitive data.
Taking cognisance of the issue, Nightwatch Cybersecurity reached out to Google about the bug. The latter has acknowledged the fault in the Android OS but said it will only be fixed in the latest Android 9.0 Pie. However, Android Oreo and older OS versions including the custom version of FireOS (of Amazon Kindle series), which powers more than two billion devices are now vulnerable to this glitch.
This is a developing story and we expect older Android OS-powered phone owners to protest against Google's move to offer to fix only the latest Android Pie-powered phones.