CVE-2019-8541: Técnica SensorID Ataque Supera Android e iOS Segurança

Os criminosos criaram uma nova tática de malware que é conhecido como o ataque SensorID e é capaz de superar a segurança de dispositivos Android e iOS. It is designed to track users by abusing the sensors of these devices. The implications of this vulnerability are very serious as this allows hackers to easily penetrate these devices. It is tracked in the CVE-2019-8541 advisory.

CVE-2019-8541: The SensorID Attack Is Used To Spy Android and iOS Devices

Security researchers have uncovered a new novel malware attack technique which relies on acquiring sensors data by hackers from victim devices — as it turns out this includes both Android and iOS owners. Ele é chamado SensorsID and it can be used to track owners across the Internet. This is caused by a weakness in the factory-set calibration details — they can be accessed freely by applications without asking for specific permissions. It is described as harvesting of data from the following components:

  • Gyroscope
  • Magnetometer
  • Accelerometer

The SensorID attack is carried out by analyzing the data which is accessible both by websites and apps. This means that hackers can easily create such data capture elements in order to track the users across the Internet. Once they acquire a unique signature it can be used to fingerprint the victim device which is valid across the whole Internet. What’s more worrying about this particular attack is that it impacts iOS devices more than Android. The reason for this is that by default the sensors are calibrated on the assembly line wherein most Android devices calibrate themselves upon certain events such as initial setup and etc. The reason why this attack is deemed so dangerous is that each set of extracted fingerprints can be used as a unique identifier. This sensor calibration fingerprint will never change even when making a factory reset.

maçã released a patch for iOS which has corrected the issue back in March addressing the issue. The solution was to add random noise in the calibration output. The associated vulnerability is tracked in CVE-2019-8541 which describes the abuse of this technique in web browsers. Sua descrição lê a seguinte:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka “Chakra Scripting Engine Memory Corruption Vulnerability.This affects Microsoft Edge, ChakraCore

o full security report can be accessed here. Worried users can see if their device is affected by navigating to this demo page.


Martin Beltov

Martin formou-se na publicação da Universidade de Sofia. Como a segurança cibernética entusiasta ele gosta de escrever sobre as ameaças mais recentes e mecanismos de invasão.

mais Posts - Local na rede Internet

Me siga:
TwitterGoogle Plus

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar