Critical vulnerability was discovered in Android app for message sharing Viber. So far the app was downloaded more than 100 million times, which means that all of the users may be affected by the vulnerability that opens the access to the device.
Viber is compliable with devices of such companies as Samsung, Sony, HTC, LG and Motorola.
Bkav Internet Security experts, who discovered the vulnerability, stated that the specific technique of attack against Viber differs each time, but in each case, the system may be compromised, which leads to a remote access to user’s data. Experts at Viber Media are aware of the existing bug and they are currently building the patch.
“The way Viber handles to popup its messages on smartphones' lock screen is unusual, resulting in its failure to control programming logic, causing the flaw to appear,” said Mr. Nguyen Minh Duc, Director of Bkav's Security Division.
There are several videos on YouTube demonstrating bypassing Viber security systems.