A security vulnerability in the Android system allowed hackers to secretly take photos and videos of users, Checkmarx Security Research Team said on Tuesday.
The security researchers discovered that Pixel 2 XL, Pixel 3 and Samsung camera app had permission bypass issues affecting hundreds of millions of smartphones. Google patched the bug through a Google Camera app update in July.
This Android vulnerability allowed hackers to take control of the smartphone’s camera and use it to capture photos and record videos as well. Hackers could manage this through a rogue Android app. Checkmarx also discovered that hackers had the potential to access videos and photos saved on the phone.
Hackers can also attain more intricate details like the GPS metadata and EXIF data of the photos. Since photos and videos are usually stored on SD card hackers could easily access them. Checkmarx also explained how storage permissions for SD card data can be easily exploited. This exploitation could take place even during voice calls where the hacker could record the entire conversation of the caller and receiver both.