Smartphones, TV box ... Many Android devices are easily hacked remotely

Tens of thousands of terminals are accessible by Android Debug Bridge and can connect to it with administrator privileges. This fault is already actively exploited by a mining worm of moneros.

Rarely has the hacking of a computer been so easy. Security researcher Kevin Beaumont has just warned that a large number of Android devices were exposing the Android Debug Bridge protocol over the Internet, via TCP port 5555. Android Debug Bridge is an interface for developers. It allows you to communicate with the device to, for example, install software or troubleshoot the system.

Normally, it is accessible only through the USB port after activating the developer mode in the system settings. But on the devices found by Kevin Beaumont, this interface is obviously enabled by default and more accessible via the Internet, probably due to forgetting the provider. "This is highly problematic because it allows anyone to remotely access these devices, without any password and administrator privileges, to softly install software and perform malicious functions," explains Kevin Beaumont.

Indexed by shodan.io

Among these devices, we find mainly smartphones and TV boxes. To identify them, it's easy: just go to the site shodan.io, specialized in the indexing of connected objects. Using "Android Debug Bridge" as a keyword, the search engine lists all models accessible remotely. Currently, there are more than 16,000 in the world. They are mainly distributed in Korea (4200), Taiwan (3295), China (2222), the United States (2074) and Russia (1112).

But these numbers are just the tip of the iceberg. Indeed, Shodan began indexing this type of parameter for a few days, following the alert Kevin Beaumont. The scale of the problem is likely to be in the order of several tens of thousands of devices. Last February, Qihoo 360 security researchers had already noticed the spread of a worm called ADP.Miner that uses the ADB interface to spread and installs a minor of moneros on the infected machines. According to researcher Pitr Bazydlo, this worm has already infected more than 40,000 terminals to date.
It must be said that piracy of these devices is all the more simple as there is already a ready-to-use module in the Metasploit pentesting software. Just download it to exploit this flaw in an automated way. It promises.

paypal,facebook,yahoo,mail,google,maps,ebay,amazon,barcelone,realmadrid,netflix,craigslist,AliCarter,Liverpool,AlfieEvans,YankeesVsAngels,RonanFarrow,YeVsThePeople,MesotheliomaLawFirm,Donate,CarToCharity,California,Donate,Car,ForTaxCredit,DonateCarsInMa;Insurance,Loans,Mortgage,Attorney,Credit,Lawyer,Donate,Degree,Hosting,Claimcashfear,softwares,money,football,SPORTNEWS,cars,carrental,cellphone,phonenumber,forex,torrent,voip,net,adsence,tollsspeakers,tipsspeakers,iphonespeakers,phones,iphone4,facebook,youtube,twitter,livematch,newslive,watchmatchforfree,watchlaligaforfree,watchserieAliveonjsc+,softwares,football,SPORTNEWS,cars,carrental,cellphone,phonenumber,forex,torrent,voip,net,adsence,tollsspeakers,tipsspeakers,iphonespeakers,phones,iphone4,facebook,youtube,twitter,livematch,newslive,watch match for free,watch laliga for free,watch serie A live on jsc+,windows 7,windows 8