Monday, 21 November 2022 06:03

Hackers found a way to unlock your Android phone without your password. This is what to do

Rate this item
(0 votes)

Your phone’s lock screen is supposed to be a safeguard against the world (and accidental unlocks in your pocket). When it’s locked, your phone can’t be opened without either the passcode, a face scan, or a fingerprint. If you lose your phone or someone snatches it from you, you can rest assured they won’t be able to do anything with it. Except right now they can, thanks to a recently discovered vulnerability allowing anyone to bypass an Android device’s lock screen.

As reported by Bleeping Computer, cybersecurity researcher David Schütz discovered a way to unlock both a Google Pixel 6 and Pixel 5 without needing to know the passcode. It happened after his Pixel 6 ran out of charge, and after he incorrectly entered his PIN wrong three times. His SIM card was then locked, so he entered the PUK (Personal Unblocking Key) to restore it.

However, once the SIM was recovered, the Pixel asked him to scan his fingerprint. That shouldn’t happen, since Pixels (as well as most phones) require you to enter the passcode in order to unlock after a reboot. You shouldn’t have the option to use your fingerprint to unlock the phone until after one successful unlock with the passcode.

From there, Schütz realized there was a legitimate security flaw here. If an attacker inserts their own SIM into a target’s Android, then enters the wrong SIM PIN three times, they can enter their SIM’s PUK to be able to create a new SIM PIN. Once they do, they bypass the lock screen entirely and access the phone.

Schütz brought this flaw to Google’s attention back in June of this year, but it took the company five months to finally push a patch. Still, it’s good there is a patch: It’s not clear how long this vulnerability was actually floating around, potentially putting millions of Androids in jeopardy.

How to fix the latest lock screen security flaw on Android

If you have a phone running Android 10, 11, 12, or 13, you need to install the November 2022 security update in order to patch this vulnerability. If you already installed the patch, you’re good to go! But otherwise, install it ASAP.

To install a security patch on Android, head to Settings > System > System Update, then allow the OS to look for a new update. If there’s one available, you can download and install it. You can also check for security updates from Settings > Security > Google Security checkup.

 

Lifehacker

November 23, 2024

NNPC not delivering quantity of crude oil agreed on, Dangote refinery says

The federal government's plan to sell crude priced in the local currency is faltering, with…
November 22, 2024

Tinubu’s borrowing spree retuning Nigeria back into debt peonage - Atiku

Former Vice President Atiku Abubakar has criticized the President Bola Tinubu-led administration for the increasing…
November 23, 2024

Do these 3 things to feel happier today—they take less than 10 minutes

Prioritizing your joy can feel like an abstract assignment that, frankly, many of us don't…
November 16, 2024

Influencer eats pig feed in extreme attempt to save money

Popular Douyin streamer Kong Yufeng recently sparked controversy in China by eating pig feed on…
November 22, 2024

FG excited as pro-Biafra agitator Simon Ekpa arrested in Finland on terrorism charges

Simon Ekpa, the controversial leader of the pro-Biafra faction Autopilot, was arrested by Finnish authorities…
November 23, 2024

What to know after Day 1003 of Russia-Ukraine war

RUSSIAN PERSPECTIVE Putin announces mass production of Oreshnik missiles Russian President Vladimir Putin confirmed on…
November 21, 2024

Nigeria comes top in instant payment system inclusivity index in Africa

Nigeria’s instant payment system is projected to advance to the maturity inclusion spectrum ahead of…
October 27, 2024

Nigeria awarded 3-0 win over Libya after airport fiasco

Nigeria have been awarded a 3-0 victory over Libya, and three vital points, from their…

NEWSSCROLL TEAM: 'Sina Kawonise: Publisher/Editor-in-Chief; Prof Wale Are Olaitan: Editorial Consultant; Femi Kawonise: Head, Production & Administration; Afolabi Ajibola: IT Manager;
Contact Us: [email protected] Tel/WhatsApp: +234 811 395 4049

Copyright © 2015 - 2024 NewsScroll. All rights reserved.