A truly amazing (and scary) exploit was showcased at the MobilePwn2Own event at the PacSec conference in Tokyo yesterday, gaining control over the Android operating system in one fell swoop, so to speak. The exploit went through the V8 JavaScript engine in Chrome when the phone browsed a malicious website, and unlike most exploits of this kind it did not require multiple chained vulnerabilities.

Qihoo 360 researcher Guang Gong developed this exploit over a period of three months, but has not publicly explained its details. A Google security engineer onsite acknowledged the vulnerability, and it looks like Google will pay a security bug bounty for it. Better that than it being exploited by malicious groups, right?

“The impressive thing about Guang’s exploit is that it was one shot; most people these days have to exploit several vulnerabilities to get privileged access and load software without interaction,” PacSec organiser Dragos Ruiu said. “As soon as the phone accessed the website, the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application without any user interaction to demonstrate complete control of the phone.”

Because the bug lives in Chrome’s V8 engine rather than in any one device’s firmware, it is very likely that Chrome on most modern versions of Android is affected. Pretty scary if you think of the volume of people that can be directed and redirected to a malicious site. We can just hope that Google and the Chrome team will plug this hole immediately.

VIA: The Register