Malicious Audio File Tricks Consumers
Dark web hackers have been linked to media files stolen from Android users. The incident stemmed from a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). Security analysts discovered the flaw during their research and warned Android manufacturers that devices running on Qualcomm and MediaTek chipsets were vulnerable to arbitrary code execution.
ALAC is a lossless audio coding format that Apple has made available as open source since 2011. The tech giant's subsequent releases updated the format to patch the security vulnerabilities that were discovered. However, although the company has released important updates to fix the flaw, some security vulnerabilities are still expected to persist, because some third-party suppliers will be late in applying the updated codec that fixes the zero-day flaws.
Critical Bug Access
The latest Android hack has been dubbed “ALHACK” by the cyber security researchers tracking the dark web hackers, who are exploiting the flaw.
Reports indicated that the Android targets include devices built on Qualcomm and MediaTek chipsets. These are two of the largest telecommunication chip makers in the United States, according to Check Point Research.
With their research ongoing, the security experts have not yet made available the full details of how the flaws can be exploited by the dark web hackers. However, they have guaranteed to present all their findings at the CanSecWest conference scheduled for May 2022.
Audio Codecs Case Flaws
According to the information currently available, the zero-day vulnerability gives hacking groups remote access to install and run their malicious software on a victim’s device. Often, the Android device is infiltrated by a malicious audio file. Once the suspicious file is on the device, the dark web hackers trick the victim into clicking a link that opens the virus-laden file.
The consequences of attacks on security loopholes like this are usually quite severe, ranging from a data breach to the planting and execution of malware. Once the dark web hackers have gained access to a device, they can reconfigure its settings. They are also able to access hardware such as the camera and microphone, and can even fully take over the accounts of their victims.
MediaTek and Qualcomm fixed the ALAC flaws in December 2021 to prevent further damage to their consumers. Both tech companies constantly monitor their software to stay abreast of security vulnerabilities. The flaws and their threat levels are as follows: CVE-2021-0674 (medium severity with a 5.5 score), CVE-2021-0675 (high severity with a 7.8 score), and CVE-2021-30351 (critical severity with a 9.8 score).
How to Keep Safe
Android device manufacturers have provided a few technical measures to reduce the risk of security exploitation.
Nearly every monthly software security update includes a fix for remote code execution deficiencies that are usually discovered in open-source audio computer chips. Exploiting them is rarely simple, but dark web hackers often try to attack victims before a patch is made available by the manufacturer.
The Android patches issued recently in April include nine remedies for known vulnerabilities reported in open-source modules. CVE-2021-35104 (9.8 severity score) is one of them: a buffer overflow involving incorrect header parsing while playing FLAC audio clips. The bug directly affected chipsets found in nearly every Android product released by Qualcomm in the last few years.
Android Users’ Basic Security Advice
To maintain their devices and prevent hackers from targeting them, consumers have been warned that they must stay abreast of the newest updates, which in this case means running the latest software.
A new Android update is now available; the release for “December 2021” or later is required. Installing a third-party Android distribution that provides Android patches is also a viable option if the device no longer receives security patches from the distributor.
Finally, it is best not to open audio files received from unidentified or suspicious sources. Hackers also send phishing emails with malicious links that could trigger the vulnerability.
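The "December 2021 or later" requirement above can be checked across a set of devices with a short script. This is an added example, not code from the article or from any vendor; the baseline date, device names and inventory values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): classify Android security patch levels
# against the "December 2021 or later" requirement stated above.
# On a device the value comes from the real system property:
#   adb shell getprop ro.build.version.security_patch    (format YYYY-MM-DD)

# Assumption: any patch level dated 2021-12-01 or later satisfies the article's
# "December 2021 or later"; raise this if your vendor bulletin says otherwise.
BASELINE="2021-12-01"

# Print "patched", "vulnerable" or "unknown" for one patch-level string.
patch_status() {
    level=$(printf '%s' "$1" | tr -d '\r ')   # adb output may end in CR
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;           # empty or malformed value
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    have=$(printf '%s' "$level" | tr -d '-')
    need=$(printf '%s' "$BASELINE" | tr -d '-')
    if [ "$have" -ge "$need" ]; then echo patched; else echo vulnerable; fi
}

# Read "device-name patch-level" lines on stdin and list every device that is
# not confirmed patched. Returns 1 if at least one such device was listed.
audit_inventory() {
    found=0
    while read -r name level; do
        [ -n "$name" ] || continue
        st=$(patch_status "$level")
        if [ "$st" != patched ]; then
            echo "$name ${level:-none} $st"
            found=1
        fi
    done
    return "$found"
}

# Constructed inventory (hypothetical device names, sample values).
audit_inventory <<'EOF' || echo "devices listed above need the update"
lab-phone-a 2022-04-05
lab-phone-b 2021-11-05
lab-tablet-c 2021-12-01
kiosk-d
EOF
```

A device with a missing or malformed patch level is reported as "unknown" rather than assumed safe, so it shows up in the list alongside devices that are behind the baseline.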