Android Users, It’s Time to Safeguard Yourself from Getting Exploited


The next generation of Android has been out and people are going crazy about it. On the surface Android 8.0 Oreo is a subtle upgrade, yet delve deeper and it adds some really important improvements – specifically around tangible performance, battery life, and security.

No matter how fascinating you may find but it can get further as scary at an equivalent time. Let me show you how? Recently, a new Android exploit has been discovered that tricks users in such a way that things happening on the screen gets automatically recorded in the form of screenshots. The exploit has been discovered by MWR InfoSecurity and it is present on all the Android versions 5.0 (Lollipop) to 7.1 (Nougat).

In a layman’s language, your smartphone can make you vulnerable by recording your screen content secretly.

Which means right from taking photos to recording videos, sending text messages and accessing the phone’s clipboard – and from this, hackers can determine the user’s location and even passwords. Sound’s scary, isn’t it? In fact, it may also interest you to know that the vulnerability isn’t with the apps themselves but it even includes the ad libraries used via the Android software. A potential hacker initially exploits the flaw in the code of Android ad libraries and ends up pushing traffic from the advertiser’s server to their own ‘attack’ server.

As soon as the phone runs on the attack server, the hacker can generate fake messages to appear each time a selected app is opened. Also, the hacker within the attack server can choose which permissions to grant themselves. For example, taking photos, recording audio and video, send text messages, upload the clipboard, and make calls and so more.

According to MWR InfoSecurity

The exploit involves Android’s MediaProjection framework that was launched way back with Android 5.0 lollipop. This was strictly meant for Android developers to record phone’s screen alongside system audio. However, in Gingerbread, Ice-cream sandwich and such other previous versions, the screen recording apps were required to run with root prerogatives or signed with special keys, but with Lollipop and versions that came after that, developers had a clear access to the screen capturing feature without any root permissions.

In general, apps making use of MediaProjection framework needs to request permission to the service on purpose, which Android offers to users as a SystemUI pop-up. Whereas MWR InfoSecurity found that attackers can easily overlay SystemUI pop-up with a camouflage that tricks users into granting the app with screen-recording permissions. Due to the inability of these versions, it clearly becomes viable to detect screen overlays or fake SystemUI pop-ups.

android safeguard

What Google Has To Say?

According to Google’s latest reports, Android 8.0 users are safe! The company has successfully patched this vulnerability in Android 8.0 Oreo but as most of the Android devices are not running Oreo, the threat still persists and can affect the majority of users.

As of now, unfortunately, there is no short fix available for this security loophole. In the meantime, many Android application development companies have started saving their users by enabling FLAG_SECURE layout parameter in their application’s WindowManager. This makes sure that the content of the app window is prevented from appearing in screenshots or being subjected to viewing on non-secure screens.

Further, MWR InfoSecurity states that the attack is not undetectable:

When an application gains access to the MediaProjection Service, it generates a Virtual Display which activates the screencast icon in the notification bar. Should users see a screencast icon in their devices notification bar, they should investigate the application/process currently running on their devices.

Other Android 8.0 Oreo Problems to take Into Account

Let’s take a short walkthrough that emphasis on the current state of Android Oreo problems and a quick look at what Google is up to in terms of fixes?

Although the latest Android Oreo update can be manually installed but some users are running into trouble trying to sideload the software on a Nexus or Pixel.

However installation issues aren’t much of a concern as you will come across numerous other issues in context with Bluetooth, weird battery drain, UI lag, freezes, various issues with sound, issues with calls, random reboots, issues with the new Picture-in-Picture feature, device recognition problems, camera problems, fingerprint issues, unlock problems, Enterprise problems, and various issues with apps and so more.

Well, speaking of these issues you don’t need to panic as Google is on its way fix those installation problems in the future. Apart from that, you can find your own ways. For example, if you’re noticing severe or abnormal battery drain after getting Android 8.0 Oreo on board your device there’s no need to panic. You should be able to fix the issue in a matter of minutes. For Wi-Fi problems, all you can do is unplug your router for a solid minute and then plug it back in to see if your issues are resolved.

If those don’t help, we recommend updating your applications. If updating doesn’t fix your issue, boot your device into Safe Mode to disable third-party apps. Apps have been known to cause connectivity problems.

Nishtha Singh
Nishtha is working as a Presales Manager at TatvaSoft UK - an android application development company in UK. She relishes writing about various technology trends, Digital Marketing, Management, Entrepreneurship, Startups and much more. Her aims to spread knowledge of the latest technologies through her online contribution.


Please enter your comment!
Please enter your name here


5 Best Games Like Mystic Messenger for 2020

If you haven't played Mystic Messenger yet, you probably the kind of person who isn't aware of the latest happenings in the...

Tinder Super Like – How to Super Like and Undo Super Like on Tinder

Looking for the guide about what actually Tinder Super like is? Do you want to know how you can hit Tinder Super Like to...

How to Change your Game Status in Discord

Discord is something you should familiarize yourself with if you spend most of the time on the internet playing online games. This...

7 Best Kik Friend Finder Apps

The number of messengers are increasing day by day, Kik Messenger holds its place as a superb instant messaging app, which allows...

How To Add Bots To Your Discord Server

If you want to add a bot to Discord, this article contains all the guidelines required on how to make a discord bot.


iflix – Online Streaming Service for PC

Iflix is an online streaming service offering shows and movies for entertainment from many parts of the world. It’s based out of...

How to Change File Associations in Windows 7, 8, 10

File associations play an essential role in the smooth functioning of an Operating System, and Windows has no exception. This simply means...

Tips for Choosing an Affordable AV Receiver under $500

The receiver was invented about 100 years ago as a combination of radio receiver and amplifier. Since then, it has evolved a...

5 Community Benefits That Come From Small Businesses

If you think about what makes a community unique, your mind probably goes to the quaint shops and small businesses that often...

5 B2B Marketing Strategies Experts Swear By

Initially, when a business wanted to market its products and services professionally, it would employ direct client calling or outbound marketing. The...