Up to 80% of Android smartphones are susceptible to a recently discovered Linux vulnerability that allows attackers to intercept unencrypted web traffic and spy on users, according to mobile security firm Lookout. The flaw leaves Android devices running software version 4.4 KitKat and above open to connection hijacking attacks.
Last week, security researchers discovered a vulnerability in the Linux implementation of the Transmission Control Protocol (TCP) that allows an attacker who knows nothing more than an IP address to remotely spy on people using unencrypted connections.
The vulnerability affects Linux kernel 3.6, which reached Android smartphones with the update to Android 4.4 KitKat, and every kernel version since, up to the latest. Lookout estimates that this equates to approximately 1.4bn devices, or 79.9 percent of the Android ecosystem.
The vulnerability is tracked as CVE-2016-5696 and is rated as medium severity. According to Lookout, enterprises running mobility programmes are particularly at risk, and are advised to check whether any of their communications services are unencrypted. If so, it could be possible for hijackers to access and manipulate sensitive information, including corporate emails, files and documents.
In order to patch the vulnerability, Android devices need to have their Linux kernel updated. However, Lookout claims that the kernel has yet to be patched even in the latest developer preview of Android 7.0 Nougat.
There are steps users can take to safeguard themselves in the meantime, the most basic of which is ensuring that all the websites and apps you use encrypt their traffic with HTTPS over TLS. You can also use a VPN as an added layer of protection.
Lookout describes additional methods for the more technically inclined among you, which are detailed here.
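As an added check, written for this page and not taken from the article or from Lookout, the POSIX shell script below reports whether a Linux host's kernel version falls in the 3.6-and-up range the article describes and shows the kernel's TCP challenge ACK rate limit, the global per-second counter that CVE-2016-5696 turns into a side channel. The "raised" threshold and the idea of setting the limit very high come from vendor hardening guidance, not from this page, and a version in range only means "possibly affected", since distributions backport the fix without changing the version string.

```shell
#!/bin/sh
# Added example: a defender-side check for the kernel range and the
# challenge ACK limit discussed in the article. Assumes a Linux host with
# /proc/sys mounted; on other systems the limit is reported as unavailable.

# kernel_in_affected_range VERSION -> exit 0 if major.minor >= 3.6, else 1
# Handles distro strings such as "4.4.0-112-generic" or "3.10.0-957.el7".
kernel_in_affected_range() {
    major=$(printf '%s\n' "$1" | cut -d. -f1 | sed 's/[^0-9].*//')
    minor=$(printf '%s\n' "$1" | cut -s -d. -f2 | sed 's/[^0-9].*//')
    [ -n "$major" ] || return 1
    [ -n "$minor" ] || minor=0
    if [ "$major" -gt 3 ]; then return 0; fi
    if [ "$major" -eq 3 ] && [ "$minor" -ge 6 ]; then return 0; fi
    return 1
}

# challenge_ack_limit -> prints net.ipv4.tcp_challenge_ack_limit, or
# "unavailable" when the sysctl file cannot be read.
challenge_ack_limit() {
    f=/proc/sys/net/ipv4/tcp_challenge_ack_limit
    if [ -r "$f" ]; then cat "$f"; else echo unavailable; fi
}

# classify_limit VALUE -> "unavailable" | "low" | "raised"
# The stock value on unpatched kernels is 100 ACKs per second. Hardening
# guidance (assumed from vendor advisories, not from the article) raises
# it to a very large number so the counter no longer leaks information.
classify_limit() {
    case "$1" in
        ''|*[!0-9]*) echo unavailable ;;
        *) if [ "$1" -ge 1000000 ]; then echo raised; else echo low; fi ;;
    esac
}

# report -> one line for the kernel range, one for the sysctl state
report() {
    v=$(uname -r)
    if kernel_in_affected_range "$v"; then
        echo "kernel $v: in the 3.6+ range, verify vendor patch status"
    else
        echo "kernel $v: below 3.6, outside the affected range"
    fi
    lim=$(challenge_ack_limit)
    echo "tcp_challenge_ack_limit=$lim ($(classify_limit "$lim"))"
}

report
```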