LG has recently fixed two severe vulnerabilities that affected the default keyboard on all mainstream LG smartphones, including its flagship handsets; the flaws could be easily exploited by hackers to execute code with elevated privileges remotely.
LG’s recent update also includes a fix from Google for a critical Android issue.
Companies and individuals must take certain precautions against every vulnerability; they should implement at least one cybersecurity solution, like an antivirus, to protect their systems. This includes necessary things like regularly updating operating systems and using an antivirus for Windows, an antivirus for Mac, or an antivirus for Android, chosen depending on which OS your device is running. Companies must also hire professional cybersecurity firms to do regular checkups of their internal network a couple of times per year. These checkups must always include at least a penetration test and various ethical hacking tests.
The first vulnerability has to do with the fact that LG’s keyboard supports handwriting modes in various languages. When a user installs a new language or an update for an existing one, the device contacts a hardcoded server, from which it downloads the requested language file or library. The problem is that this download is done over an insecure HTTP connection, which can be exploited by a man-in-the-middle attack.
The second vulnerability is a validation flaw in LG’s file system. The resource files within the LG keyboard package sandbox can be modified, and LG’s keyboard application grants executable permissions to any downloaded library file with the .so extension. If a hacker has gained MITM access via the first flaw, they can now inject a rogue executable file by merely appending the .so extension to a library download.
On the application’s startup, LG’s keyboard loads the library indicated in the Engine properties configuration file. A rogue library can be easily injected into this file, and the malware would be loaded as soon as the keyboard process restarts.
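The gaps described above (plain-HTTP transport, no integrity validation, and executable permissions granted on the strength of a .so file name) correspond to checks a download routine can run before installing anything. The following is an added example, not LG's code or its actual fix; the function names, the allowed extensions and the digest shipped with the application are assumptions made for illustration.

```python
import hashlib
import os
from urllib.parse import urlparse

ALLOWED_EXTENSIONS = {".dat", ".dict"}  # assumed data-only formats; never .so


class RejectedDownload(Exception):
    """Raised when a language pack fails a pre-install check."""


def validate_language_pack(url, payload, expected_sha256, install_dir):
    """Return the safe install path for payload, or raise RejectedDownload."""
    parsed = urlparse(url)
    # 1. Transport: plain HTTP lets a man-in-the-middle swap the file.
    if parsed.scheme != "https":
        raise RejectedDownload("insecure transport: " + parsed.scheme)
    # 2. Name: keep only the final path component and allowlist its extension,
    #    so a ".so" suffix can never select the executable-library path.
    name = os.path.basename(parsed.path)
    ext = os.path.splitext(name)[1].lower()
    if not name or ext not in ALLOWED_EXTENSIONS:
        raise RejectedDownload("unexpected file type: " + repr(name))
    # 3. Integrity: the digest must match one shipped with the app,
    #    not one fetched over the same channel as the file.
    if hashlib.sha256(payload).hexdigest() != expected_sha256:
        raise RejectedDownload("digest mismatch")
    # 4. Location: the resolved path (symlinks included) must stay inside install_dir.
    root = os.path.realpath(install_dir)
    target = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, target]) != root:
        raise RejectedDownload("path escapes install directory")
    return target


def install_language_pack(url, payload, expected_sha256, install_dir):
    """Validate, then write the file with no executable bits (mode 0600)."""
    target = validate_language_pack(url, payload, expected_sha256, install_dir)
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(payload)
    os.chmod(target, 0o600)  # enforce the mode even if the file already existed
    return target
```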
These vulnerabilities are unique to LG devices and only work on them.
Be aware that the attack surface is enormous: the Korean giant’s phones hold about 16% of the market share in the U.S. alone.
The general Android vulnerability, which affects not only LG but other Android phones, is a critical vulnerability located in the Media framework that could enable a remote hacker to execute arbitrary code within the context of a privileged process, using a specially crafted file.
LG patched all of these vulnerabilities in its May security update.
Keep in mind that every phone represents a network entry point or a valuable data bank that must be protected by at least one cybersecurity solution like an antivirus. Depending on which OS your device is running, install an antivirus for Windows, an antivirus for Mac, or an antivirus for Android for total protection. Companies must take an extra step and hire a professional cybersecurity firm that will run various cybersecurity tests on the company’s network to implement only the best possible cybersecurity solution available. Always opt for a package that includes at least one penetration test and various ethical hacking tests. For companies that exist 100% online, we recommend using cyber-secured web hosting services.