Researchers use Google Now for calling expensive premium rate numbers




Researchers have identified a component of Google Now, Google Voice Search, exploited to call or to have used. SMS services the phone without the user’s permission expensive toll numbers Thanks to trick the malware app required. No permissions

VoicEmployer Because the app does not need permissions would not even have alarm bells ringing when installing the app. Among advanced users After installing the app, can call via a ‘even if the phone is idle and have security, Google Voice Search intent . Through an audio file, a command can then be spoken to premium phone numbers to call, or may be, private data obsolete report researchers from the American University Cornell. They call it the “GVS-hack ‘to Google Voice Search.

Thanks to the trick, the researchers have tested a Samsung Galaxy S3, a Meizu smartphone and a Motorola device, says it is likely all Android smartphones with Google Apps to access many private data. There are so specific snags: to operate the trick the app should be audible play an audio file.

Researchers have tried to work around it in different ways, but that is not: so does Google Voice Search, since Android 4.1 part of Google Now, no audio at high frequencies that humans can not hear. Also, the manipulation of the data afterwards does not function; the connection between Voice Search and Google servers is protected with TLS.

The implications of the discovery are small: any malware that uses this trick should be heard, the audio file so that users can discover it. The researchers do not rule out VoicEmployer, as they call the app could work on iOS or Windows Phone. Even in modified form


In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »