Viber is an Internet application that allows messaging and other tasks that is a rival to Skype. Reports have surfaced that indicate Viber has a serious security vulnerability that would allow nefarious users to completely bypass the device’s lock screen. The security flaw is a serious threat to a number of users, the app is been downloaded over 100 million times.

The Viber flaw can be exploited on a number of Android smartphones including devices from Samsung, Sony, and HTC according to security firm Bkav Internet Security. The specific techniques required to exploit the flaw on various brands of smartphones do vary according to the security company. However, no matter the technique, the exploit takes advantage of the way Viber handles pop-up messages.

A Viber spokesperson said that the company is aware of the flaw and the potential exploit. The spokesperson says that the company will have a fix the patch the flaw available next week. The company learned that the exploit existed on Wednesday of this week, so they are working quickly.

This application flaw is most recent to surface in a rash of security vulnerabilities in various applications that allow hackers to bypass a device’s lock screen. Lock screens are important to many users to help keep unauthorized people from accessing e-mails, websites, and contacts. The video below shows the exploit being taken advantage of to bypass the lock screen on a Samsung device.

[via ArsTechnica]

  • Hi,

    This is a member of the Viber Team.

    We are researching this issue at the moment and we will release an update very soon. We care a lot about our users’ security, and so we see this as a first priority task.

    Meanwhile, until we release the fixed version and as a temporary workaround, it is possible to disable the auto-unlocking of the screen through Viber’s settings. This will eliminate the security glitch completely.

    Stay tuned for the upcoming update 🙂

    Viber Team

    • alex

      i take it this is fixed now?

  • Gustavo Gomez

    The article needs to be updated with the Viber solution. Thanks

  • You can get a fix here: